The latest (and hopefully final) Facebook data breach of 2018 is arguably the social media company’s largest yet. The extent of its damage remains to be seen.
In what has shaped into a troublesome 2018 for social media giant Facebook, the company has found itself embroiled in the midst of yet another controversy after its Founder and CEO Mark Zuckerberg announced that data belonging to more than 50 million users was stolen in a recent cyber attack. It was said that hackers exploited a technical vulnerability in Facebook’s systems.
While the application itself (once described as being written in “PHP on steroids”) is generally safe, it hasn’t stopped hackers from trying to take it down over the years. The technical flaw that was uncovered was used to generate digital tokens, which allowed the hackers to gain access to a number of active accounts.
This Facebook data breach comes just months after the infamous fiasco with Cambridge Analytica, in which the data and personal details of millions of Facebook users were illegally acquired and used for political purposes. This particular incident drew the ire of many Facebook users—as well as users of other platforms—questioning the validity of online privacy policies and possible abuse of technology.
But this latest event is an entirely different animal. Described as “really serious,” the number of accounts impacted by this Facebook data breach is expected to top 90 million. Among those affected include Mark Zuckerberg, as well as the account of his Chief Operating Officer Sheryl Sandberg. Facebook officials were said to be probing the incident, and have also notified The Federal Bureau of Investigation (FBI) and the Department of Homeland Security.
Guy Rosen, Facebook’s vice president, described the vulnerability as a “complex flaw” in the application’s View As feature. This ultimately led to the unauthorized use, browsing and posting onto user’s timelines. Hackers were also able to lift information from third-party apps and other websites which allow syncing and authentication using Facebook credentials.
Following reports of this Facebook data breach, the company’s market shares plummeted more than three (3) percent. Cyber intelligence firms have also begun expressing their concerns. Justin Fier, the director of the company Darktrace, stated that such an incident could lead to very grave consequences.
The attack has also garnered the attention of US lawmakers, who are calling for legislation to protect the data and privacy of Internet users. US Senator Mark Warner said in an interview that it was high time that the Congress take appropriate steps to ensure the security and privacy of social media users.
“This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users”
– Mark Warner, US Senator
The senator’s comments were in direct reference to the Cambridge Analytica issue, which saw the compromising of more than 87 million Facebook accounts. The event sparked widespread outrage, leading to a federal inquiry and prompting Zuckerberg to formally appear and testify before the United States Congress.
Facebook claims it is taking the necessary steps to resolve the matter. The digital tokens associated with the 50 million accounts have been reset, and the company has also temporarily disabled its View As feature. It has also the reset digital tokens for another 40 million accounts as a precautionary measure. Whether or not the damage to those Facebook accounts (and the Facebook brand, in general) can be contained remains to be seen. At minimum, users will be burdened to re-login to their accounts, and re-link to other associated apps that were previously streamlined through a process known as “single sign-on,” which aims for a cohesive user experience.