Originally published at: https://tidbits.com/2018/09/28/50-million-facebook-accounts-hacked/
Facebook has acknowledged that attackers took advantage of the platform’s “View As” feature to breach the security of at least 50 million accounts. If you’re forced to log in again, you might be among the affected users.
50 million affected users is a lot in raw numbers, but it’s only about 2% of Facebook’s 2.2 billion active monthly users.
Remember, though, that access to someone’s Facebook account gives the miscreant access to the data for that account, most of the data for every “friend” of that account, and a lot of data for “friends” of “friends” of that account. It seems likely that the number of users whose data was exposed by this breach is at least an order of magnitude larger than 50 million.
An excellent point! Talk about a ripple effect. I have to assume that Facebook pays a huge amount of attention to security, since they must know that they’re one of the top targets in the world (along with Google, Apple, Amazon, and Microsoft), but it wasn’t enough in this case.
The ripples propagate.
Apparently, if you are one of the fifty million whose tokens were scarfed, and you were unfortunate enough to have used the “Log In with Facebook” feature of other apps, those accounts might be compromised as well:
1 Like
This issue points out the difference between Apple and Facebook on privacy. Facebook wants all of your private information in order to offer you convenience - but they get more tracking data and put you at risk. Apple wants to be your security partner and use their device in order to provide an extra layer of privacy and security.
Facebook is now saying that “only” 30 million accounts were affected. Which is better than 50 million, but still an insanely large number.
It’s a two edged sword. Of all the companies mentioned above, Apple is the only one focuses on privacy as a unique selling proposition. Facebook gets the biggest % of its revenue from advertising and promotions, and they are paying a lot of attention to security now primarily because governments are forcing them to. Or maybe they are being convincing about it?
For all Mark Zuckerberg, Sheryl Sandberg’s, etc., etc., apologies about flaws in their privacy systems and policies, I keep reading and seeing stuff about Facebook that make my hair stand on end (and I have long hair). Here are just two things in just the past month or so that almost made my eyes pop out of their sockets too:
Facebook Wanted Big US Banks To Hand Over Your Data
https://www.fastcompany.com/90214096/facebook-wanted-big-u-s-banks-to-hand-over-your-data
(IMHO, the only reason financial services companies haven’t signed up for this is because they would suffer federally regulated mega financial penalties if anything went wrong. Facebook said they haven’t used data like this, but they didn’t say they never would use it if they had access to it, or that they wouldn’t stop trying to get this information in future.)
And just a few days after the next to the last last big scandal, the two factor one, broke, they unveiled Facebook Portal:
https://www.fastcompany.com/90214096/facebook-wanted-big-u-s-banks-to-hand-over-your-data
Personally, I don’t want Mark Zuckerberg and Jeff Bezos hanging out in my home 24/7. And Facebook exists and has been wildly successful because it collects every bit of data on whoever, whenever and however that it can and sells it.
October 4This issue points out the difference between Apple and Facebook on privacy. Facebook wants all of your private information in order to offer you convenience - but they get more tracking data and put you at risk.
Facebook exists to sell advertising and data; they are first and foremost a data harvesting and sales company. They still hold off as long as possible on announcing any security breeches, and they haven’t exactly removed all the worst hate stuff. The more they do this, the more impact it will have on their bottom line. Facebook offers “convenience” because you are the product, whether or not you are a member.
Apple wants to be your security partner and use their device in order to provide an extra layer of privacy and security.
Apple exists to sell you very expensive hardware and services, and it’s becoming an increasingly good selling point.
Facebook got caught with its pants down once again, this time with just announced Portal. But I doubt if anyone actually believed they wouldn’t be using that Portal will be collecting:
It turns out that Facebook could in fact use data collected from its Portal in-home video device to target you with ads