Facebook has recently informed over 530 million users that, in 2019, they were exposed to a data breach. The criticism that followed has prompted some to ask: what is happening?
The details of 530 million Facebook users were reportedly exposed on a hacker’s forum. The data breach included phone numbers, Facebook IDs, names, and birthdates. However, it did not include financial information, health information or passwords.
Hackers were able to gain access due to a bug in Facebook’s contact importer code, according to the company. Most of the data reportedly came from US users, but 18 million records were from UK users.
Facebook appears to place the blame on the ‘malicious actors’. It said the story is old news and not about a recent hack of its systems.
After the data breach in 2019, Facebook said it made changes to the contact importer to prevent similar incidents.
With the Cambridge Analytica data still casting a shadow over Facebook, the re-surfacing of this data breach has not helped. In addition, Facebook’s apparent attitude towards it has drawn a lot of criticism.
Although Facebook sees this as old data, it may still be used by cybercriminals. If a phone number is connected to email addresses, it can be used to obtain SMS codes to sign in.
It is unclear whether Facebook has notified all users whose data had been stolen. There is no simple way for these users to tell if they have been affected by the data breach. People do not often change their details, so they could still be at risk.
The platform’s dismissal of the data breach as ‘old news’ sparked an apparent culture of impunity. It also raised questions about its attitude to its users’ data.
Facebook has also faced questions on whether it should be doing more, under GDPR, to respond to European regulators. Also, there are calls for Social media companies to be more open and improve security measures.
Other criticism includes allowing privacy and security issues to continue, because of Facebook’s market dominance.
It is not always clear to see if you have been victim to a data breach. However, users can check if their details have been taken on HaveIBeenPwned.
The size of this breach has place Facebook under the spotlight again. Many people, particularly European regulators, are calling for greater accountability. It is another blow to user trust and could fuel action in Washington.
For users, it’s a case of not really knowing if their data has been stolen and sold on. They will feel powerless in their relationship with the social media giant as regards to their data privacy security. Many feel that more pressure from organisations and tougher action from regulators may be the only way to force changes.
You can find more tech insights on our news page.
Having had some real bad experiences with IT companies in the past it has been a breath of fresh air to have you and your team assisting all of my staff with any issues that have arisen.
- Tony King -