Facebook says a breach that hit 533m is old news. Experts disagree
After information from 533 million Facebook users was exposed to hackers, the company has tried to reassure users, saying that the data was leaked years ago and has since been secured.
But experts say the issue is still grave – whether it happened in 2021 or years prior – largely because of the nature of the leaked data.
The dataset, first reported by Business Insider, contained information from 106 countries including phone numbers, Facebook IDs, full names, locations, birthdates and email addresses.
Even if it did not include passwords, the data is significant because those identifiers don’t often change, said Rob Shavell, chief executive officer of DeleteMe, a personal data protection tool.
“Even if the data is old, it’s never really old because it will always be useful for data brokers,” he said. “It helps them correlate related information that is new and dump them into these profiles, which they sell online for as little as 99 cents.”
That the leak dates back to 2019 may actually work to Facebook’s detriment: under some privacy regulations, including Europe’s GDPR, that means the company should have alerted users under privacy-related reporting requirements. Ireland’s Data Protection Commission announced on Tuesday it was investigating the breach to see if it violated any rules.
“The DPC attempted over the weekend to establish the full facts and is continuing to do so,” it said in a statement. “It received no proactive communication from Facebook.”
The data probably changed hands many times, said Ivan Righi, cyberthreat intelligence analyst at the San Francisco cybersecurity firm Digital Shadows. He said it appeared the data had initially been listed at a relatively steep price, limiting the number of hackers who were willing to buy.
“The breach was probably resold multiple times since then until the price lowered enough that a user decided to publicly expose it to generate a small profit and increase reputation,” he said, adding that this behavior was common for hackers. “While the data may be old, it still holds a lot of value to cybercriminals.”
Data leaked from Facebook can be used in combination with existing user data online to hack accounts, including bank and other accounts that require two-factor authentication – texting a confirmation code to a phone number to verify a person’s identity. The leaking of phone numbers can also be problematic amid the meteoric rise of robocalls in recent years.
“Forget about being hacked, it’s just annoying to be constantly getting spam calls,” Shavell said. “The data breach, whether they say it’s old or not, is another way spammers get this information.”
The latest breach adds fuel to the antitrust fight that has been brewing in Washington. Facebook has experienced data security issues in the past, most notably when the political firm Cambridge Analytica accessed information of up to 87 million users without their knowledge.
The new breach also calls attention to the need for additional regulations in the EU, said Varoon Bashyakarla, a data scientist who works as a technical adviser to the Real Facebook Oversight Board – an activist group intended to hold Facebook accountable for content decisions. Bashyakarla said his own data had been exposed in the breach.
“This incident underscores the need for Facebook to respond to European regulators and not merely American ones,” he said. “If there are no consequences for incidents like this one, they will continue, as we’ve observed over the last several years.”
The Electronic Frontier Foundation (EFF), which called the newly revealed breach “horrific”, said Facebook’s dominance in the tech industry directly contributed to hacks like these. There are few options for users who, fed up with privacy breaches, do not want to use the platform – Facebook already owns alternatives including Instagram and WhatsApp.
“Privacy does not come from monopoly,” Cory Doctorow of EFF said. “Facebook’s data breach problems are the inevitable result of monopoly, in particular the knowledge that it can heap endless abuses on its users and retain them.”
Facebook did not immediately respond to request for comment.
Users can check legitimate websites including HaveIBeenPwned to see if their data is included in the leak, or in leaks past.
- ‘You were right there to pick me up:’ Tom Brady’s heartfelt message to Julian Edelman
- LIVE UPDATES: Derek Chauvin murder trial continues Tuesday
- Analysis: Why Biden is making more progress on economic than social issues
- Hoax device detonated near Manchester Central High School
- Doncic: ‘Don’t see the point’ of play-in tourney
- Temasek and BlackRock commit $600 million to invest in firms working to reduce carbon emissions
- Turkey’s economic turmoil drives Bitcoin frenzy
- African health workers left without Covid jabs as paltry supplies dwindle
- Hannity: Police are under attack but ‘you won’t see much outrage from the media mob’
- Your Tuesday Briefing
Common Symptoms Of COVID-19
The CDC has a collection of nine Roche antibody assays designed to provide rapid results from COVID-19 rapid antigen test. If you are a potential carrier of the human papilloma virus (HPV) and are looking for HPV testing kits for the home, it is important…
Things You Never Knew About The Best Water Purifier
Things You Never Knew About The Best Water Purifier: We all know the importance of having a water purifier at home, but not many people know the things they need to know before buying one. Most of the time, we miss out on the most…
Med hub smart pill, a device for patients having medicines intake in the daily schedule.
Med hub smart pill: The drug prescribed by a doctor will be effective if it would be taken at the right time suggested by the doctor because it is necessary for our healing process. When a patient takes too many medicians in a day also…
10 Best Effective Plants to Fight Pollution – Diwali Edition
Effective Plants to Fight Pollution: Few more months and the most awaited festival of the year will be here. We Indians love our festivals, and the biggest festival of India, especially north India, is Diwali. It is a massive affair here. It generally falls in…