Data Breaches. . . Again

Posted on

Another breach of Facebook databases left the sensitive and important data of over 267 million Facebook users exposed online at the end of 2019.  The hacked data included phone numbers, user IDs and names.

Another Breach

Over the course of 2019, Facebook exposed data from approximately 419 million Facebook users and 49 million Instagram users. Therefore, this new breach casts a shadow on an already grim picture.

The database was available to everyone on web, It did not require any form of authentication or password. Therefore, the data is like a gift to criminals.  Hackers could easily use it for malicious purposes like phishing attacks and SMS spam.

The data remained online for more than a week before its removal, and during that time anyone could have downloaded it.

How did the hackers breach data?

A security researcher proposed a theory about how the hackers accessed the data.  The theory is that they might have exploited a security hole in Facebook’s API. This could explain why there were able to create such a massive database. Another possibility is that the data was gathered without using Facebook APIs, by collecting it from public profile pages.

A Lesson in Precaution

Users don’t have control over whether social media companies get hacked. But they do have control over how much data they put on social networks to begin with and over how much they share privacy. Regardless of the causes of any particular hack or leak, widely-accepted best practices include limiting the amount of personal information shared publicly.  Users can do this both in choosing the content to share, and through the privacy settings on social media platforms themselves.  Users can make the conscious decision to restrict the sharing of private content and can make their accounts and profiles private.


Continue reading