Facebook revealed last week that its 2.2 billion users should consider that their public profile data have been jeopardised by malicious third-party scrapers.
CEO Mark Zuckerberg admitted that “malicious actors” have taken advantage of their search tools to uncover the identities and collect available information from billions of users globally.
This is another huge blow to the social media giant, as it comes on the heels of a recent scandal they got entangled with. Less than a month ago, consultancy firm Cambridge Analytica was caught exploiting personal data from tens of millions Facebook users which were used in Donald Trump’s presidential campaign.
Zuckerberg added, “It’s clear now that we didn’t do enough, we didn’t focus enough on preventing abuse… We didn’t take a broad enough view of what our responsibility is, and that was a huge mistake.”
The social media company has disabled the featured that allowed anyone to look up Facebook users by inputting their email address or phone number in the websites search bar – enabling would-be hackers to scrape public profile data.
Hackers could use the data to target specific individuals through social engineering schemes or other cyber attacks.
Theoretically, hackers can buy stolen personal data from the dark web and try to link them with the data that could be pulled up from Facebook’s search feature.
This could then allow them to access other information – like full names, photos, or locations – linked to the email addresses or phones numbers posted publicly on Facebook.
The collected data could then be used by hackers to target specific individuals through social engineering schemes or other cyber attacks. What was once thought of as a helpful feature to search for one’s friends or peers has turned into a goldmine for hackers
Facebook Chief Technology Officer Mike Schroepfer confirmed that majority of Facebook users could have been compromised based on the scale and sophistication of the activity they’ve seen on their network.
As mentioned earlier, the search feature has already been removed and the only data scraped by hackers were limited to those which were publically viewable.
Zuckerberg argued that this feature was initially for gathering user data for a business model, adding, “People tell us that if they’re going to see ads, they want the ads to be good.”
In addition to disabling the search feature, Facebook also restricted third-party applications from retrieving user information regarding relationship status, religious and political affiliations, work and education history, habits, interests, video browsing, and games – all the data businesses use to build their customers’ taste profile.
Facebook also intends to inform those affected by the Cambridge Analytica data leak. Facebook revised those affected to more than 77 million users affected, up by 74% when compared to the previously reported 50 million.
Comprehensive multi-device protection for you and your family for up to 6 PCs, Macs, Android, and iOS devices. For more info click here.