533 million people, Facebook users, were exposed over the weekend, when a security flaw in the most famous social network caused users' private data to be published for free.
Facebook, the largest social network in the world, with more than 2 billion users worldwide, has just leaked the private data of a total of 533 million users on the network. The researcher who reported the security breach says he is waiting for Facebook's response recognizing this “absolute negligence” in the management of user data.
alon gal, co-founder and CTO of Hudson Rock, a ransomware cybersecurity firm, notes that the leaked data includes first and last names, phone numbers associated with the Facebook account, email addresses, addresses and geographic locations, date of birth, among other private data that the company manages.
Until now, Facebook has not made any statement in reference to the leak of such a large amount of data, and it seems that it did not take the trouble to inform the affected users of said data leak, which happened about 3 months ago.
It may interest you: Facebook plans one more attack on the privacy of its users through WhatsApp
Recurring security flaws on Facebook
As Gal explains, the vulnerability that allowed the platform's data to be leaked was discovered in 2019, and according to the social company, it was “patched” at that time.
Gal pointed out that The data was leaked in January of this year, and which have been rolling for 3 months on different payment platforms on the web, but it was not until now that they became public domain.
Bit2Me News has reported on the recurring security flaws that occur on Facebook, a major social network that handles the private data of billions of users around the world, and that seems not to care about its handling of these beyond his own benefit.
At the beginning of June of last year, Facebook published a statement stating that “by mistake” it allowed 5.000 developers to continue accessing the data of network users. Also, in 2018 the company was accused of extracting and selling the data of European users on other continents; something that Facebook accepted as a “measure” to avoid the application of the European Union Data Protection Regulation (GDPR). As if this were not enough, the Mark Zuckerberg, founder of Facebook, sent a letter to the United States Senate acknowledging that they monitor users, even those who do not have an account on the social media platform.
With all these security flaws, and with all the unethical actions that Facebook has taken throughout its history, it was to be expected that regulators would take a fairly firm position against the issuance of a digital currency by this company. .
Facebook and its digital currency
The social media giant announced in 2019 that it would launch a digital currency to “reinvent money.” The plans considered a global digital currency, accompanied by an app, that users could use to make payments and cross-border transactions to their family, friends and other acquaintances anywhere in the world. However, despite the company's enthusiasm for its project, regulators around the world expressed only skepticism about the currency, and quickly came out against it.
The reasons? The mishandling that the company has carried out with users' personal data, and the same mishandling that it will surely give to financial data; exposing users to risks of theft, outright loss of their funds and capital, and more.
The refusal of regulators to issue a digital currency by Facebook, and the strong demands that it comply with high security and protection parameters, have caused important initial investors to abandon the project; such as Visa, Mastercard, Vodafone, Uber, eBay and many others.
Recently, Facebook presented a less ambitious digital currency project than the initial one and even changed the name of the currency, from Libra to Diem, and of the app, from Calibra to Novi, in search of acceptance from regulators. Even so, regulators refuse to see this project come to fruition and authorize the issuance of the currency.
Data Breach Risks
Although for some it may seem minor, a data leak is in itself a very worrying failure for the security of those involved. As data contains personal and detailed user information that has been left in the public domain, it is most likely that phishing and social engineering attacks will begin to occur that will seek to scam unsuspecting users.
On his Twitter, Gal comments that there will be malicious people who will undoubtedly use the information leaked by the company to try to scam or hack users.
In November last year, Facebook began taking rather hypocritical actions by banning the #Bitcoin hashtag. According to the social network, the actions were taken as a way to protect its billions of users from “risky” investment in this cryptocurrency. While in reality, its concern for user security should focus on protecting the data it handles.
Continue reading: G7 continues to prevent Facebook's Libra from being launched without first respecting regulations
