![]() ![]() The statement further admitted that “attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. Rather, Facebook stated that it began “logging users out” on the evening of September 27, 2018, but did not provide Users with any reason for being logged out. According to the statement and subsequent press call, Facebook learned of the breach as early as September 16, 2018, but has not yet directly informed or notified Facebook Users that their Personality Identifiable Information (PII) may be compromised as a result of the breach. Facebook publicly disclosed details of the September 2018 Data Breach for the first time in a statement on September 28, 2018. By the end of 2017, Facebook had more than 2.2 billion active Users.Īs part of the sign-up process and as a consequence of interacting with their social network, Facebook Users create, maintain, and update profiles containing significant amounts of personal information, including their names, birthdates, hometowns, addresses, locations, interests, relationships, email addresses, photos, and videos, amongst others (“Personal Information”).įacebook recently revealed that its Users’ Personal Information was subject to a massive data security breach in September 2018, affecting approximately 50 million Users (“September 2018 Data Breach”). Facebook purports to allow its users (“Facebook Users” or “Users”) the ability to share and restrict information based on their own specific criteria. Facebook also develops technologies that facilitate the sharing of information, photographs, website links, and videos. (“Facebook”) operates a social networking website that allows people to communicate with their family, friends, coworkers, and acquaintances. "Thieves can also leverage the leak by cross-referencing data with other pieces of information contained in other stolen datasets to build a more complete profile of targets.Facebook, Inc. “Hackers can use phone numbers in the leak, for instance, to run social engineering scams such as SIM-swapping, in which they trick mobile carriers to transfer someone’s phone number to their own device in order to carry out fraud, such as gaining access to someone’s bank account, or resetting their email and social media accounts’ credentials," Cyberscoop wrote. Though the information is old and does not include passwords, Cyberscoop reports the data being circulated freely is still concerning. Facebook had not issued any other statements as of Security Management's press time. In a statement over the weekend, Facebook spokesperson Liz Bourgeois confirmed that the information is from the 2019 leak, and that the vulnerability was fixed in 2019. The 2019 data leak was not the result of a hack, but rather the exploitation of a Facebook server that was not password protected and available online. ![]() The data matches Facebook user IDs with names, locations, birthdates, phone numbers, email addresses, and, in some cases, biographical information. Alon Gal (Under the Breach) January 14, 2021 This obviously has a huge impact on privacy. Now the entire database has been posted online and is freely available, according to Business Insider.įew days ago a user created a Telegram bot allowing users to query the database for a low fee, enabling people to find the phone numbers linked to a very large portion of Facebook accounts. Earlier in 2021, in a last attempt to wring money out of the breach, someone built a bot that for a low fee provided the phone number of any of the 533 million Facebook users impacted by the breach. The Washington Post reports Gal as saying the leaked database generated tens of thousands of dollars. Initially, once verified, the information sells for a relatively high price. The breach is back in the news because over the weekend, Business Insider reported that Hudson Rock Chief Technology Officer Alon Gal discovered that even the low bar of having to pay a few dollars for a trove of personal data on Facebook users no longer exists. You are forgiven if you do not remember the incident-there have been many data breaches and cybersecurity incidents in the months since. In 2019, security researchers discovered personal information on more than half a billion Facebook users for sale on the Dark Web.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |