July 2013 Facebook Data Breach
This Facebook data breach affected over 6 million users. In June of 2013, social media giant Facebook found a bug that had been exposing personal information of over 6 million users to unauthorized parties and viewers for about a year. Exposed personal data included email addresses and phone numbers of Facebook users. Anyone who knew even one piece of information could access the data. This technical glitch began in the year 2012. However, it didn’t come into notice until 2013. Before publicly announcing that Facebook’s data leaked, apparently it fixed the bug and reported the breach to those affected and regulators.
This marked the beginning of Facebook data breaches and the problems it faces with handling personal data.
The Cambridge Analytica scandal of 2014
This is one of the most talked about Facebook data breaches. The scandal began in 2014 when Cambridge Analytica, a data-driven startup asked users to fill in reviews on the Turkopticon website (a third party site for reviews for Amazon’s Mechanical Turk). It was followed by a task by Aleksandr Kogan that asked users to fill a survey in exchange for money. To fill in the survey, users were asked to download an application – thisisyourdigitallife – to their Facebook accounts.
The app then downloaded a huge amount of personal information, such as the user’s demographic data, likes, friend list and some private messages. The app broke terms of service of Facebook’s but remained in place till December 2015 by which more than information of over 85 million had been harvested by Cambridge Analytica. The data was later used for marketing-related activities and fake news stories.
July 2018 Facebook data breach
This Facebook data breach uncovered a new bug in the social media platform that overrides the blocklist of users. In yet another privacy failure, the social media giant admitted that more than 800,000 users were affected by this bug on Facebook and Facebook Messenger. The bug reportedly unblocked some of the people users had blocked. Facebook said that the bug was active for 8 days between May 29th 2018 to June 5th 2018 and while blocked users couldn’t see content shared with friends, they were able to see things posted to wider audiences.
When someone is blocked on Facebook, they can’t see things posted by you on your profile or start a conversation with you on Messenger. Moreover, blocking users also automatically unfriends them from your profile, if you were previously friends. They can’t even add you as a friend again.
In a blog post addressing the privacy breach, Erin Egan (Facebook’s Chief Privacy Officer) said in the case of this bug, it didn’t reinstate any friend connections that had been severed. About 83% of users affected by the bug had just one person they had blocked temporarily unblocked.
SEE ALSO: Facebook is building Instagram for kids, here’s why this is a really bad idea
December 2018
A developer by the name ‘Six4Three’, a bikini photo scraping startup, filed a lawsuit against the social media firm for taking down an API that eventually resulted in its closure. The lawsuit by Six4Three demanded compensation for misleading developers into using Facebook’s platform using the API which was later pulled down. The application in question here is Pikinis, which was supposed to gather photos of women in bathing suits and show them in a ‘consolidated’ way. On 5th December 2018, the US Parliament released documents which were obtained in the probe of Six4Three. The document highlighted 5 main points:
- A whitelisting agreement was signed between Facebook and Netflix, Lyft, Bumble and Airbnb (amongst others) that allowed full access to friends data to these companies after Graph API v1 was discontinued. Damian Collins (the Member of Parliament who issued the order compelling the document handover) said that it was unclear if there was any user consent taken for this or how the social media company decided which companies should be whitelisted or not
- One of the main drivers behind the Platform 3.0 changes at Facebook, according to Collins, was increasing revenues from the big app developers. The linking of friends data to the financial value of the relationship of developers with the platform was found to be a recurring feature of the documents
- Data and information reciprocity between app developers and Facebook was a key focus for Platform v3’s release. Zuckerberg kept discussing charging developers in exchange for access of API access for friend lists
- The documents also constituted certain things discussed like how changes to the Android app of Facebook requesting permissions to collect texts and calls sent by users might be controversial. Moreover, ne project manager also stated that ‘from a PR perspective, this is a pretty high-risk thing to do’
- Onavo, a famous data-saving and VPN service app which was acquired by Facebook in 2013 was used by the tech giant to collect data. It was used by Facebook to survey the use of mobile applications on smartphones. Collins says that this ‘apparently’ occurred without knowledge and was used by Facebook to analyze which companies to treat as a threat and which ones to acquire. This was also found to be violating the privacy rules of Apple
Facebook’s data breach of March 2019
In March 2019, Brian Krebs, a cybersecurity expert reported that the social media company has been storing passwords of millions of users in plaintext files. These files were accessible to over 2,000 employees of Facebook. The social media company didn’t say why or how it had been saving user passwords in such a manner. Later, it was discovered that passwords of millions of Instagram users were also saved in the same manner. The total number of affected Instagram and Facebook users is estimated to be at least 600 million. The actual number might be much higher.
December 2019
This Facebook data breach was discovered by Bob Diachenko, a cybersecurity expert. Diachenko reported that the breach was an outcome of Facebook API abuse or an illegal scraping operation by Vietnamese hackers. Originally, the estimated number of affected users was 267 million. In March 2020, it was found that a 2nd server containing additional 42 million records was scraped by the same group of criminals. So, in total, the breach exposed names, phone numbers and user IDs of more than 300 million Facebook users.
Facebook privacy leak of July 2020
In July 2020, Zuckerberg-led company admitted to sharing user data with about 5000 third-party app developers, even after the expiry date of data access authorization. Facebook said that it had fixed the issue, however, a mistake allowed 5,000 developers access to receiving user data for longer than the expiry date. The social media company, which has over 2.6 billion monthly active users, didn’t comment on how many users were impacted by this or if they’ll be notified individually.
Facebook data leak 2021
The most recent data leak Facebook came in light for happened in April 2021. In this data breach, personal data of more than 533 million users of Facebook had been posted on a website to be misused by hackers. This Facebook data breach was reported by Alon Gal – Chief Technology Officer of Hudson Rock. The data breach had a lot of personal information of users exposed, including their full name, date of birth, gender, email address, phone number, Facebook IDs, Facebook bios, location and job status. The Facebook data leak 2021 included records of 6 million users from India, 11 Facebook users from the U.K. and 32 million users from the U.S.
Conclusion – Facebook and data breaches
The only thing clear from this list of Facebook data breaches is that your data is not entirely safe. So what can you do in order to keep your data protected? Well, the easiest (and at the same time, toughest) way would be to delete your Facebook account. Another way could be by deciding to not share any information that could harm you in the future. Don’t share anything on the platform that you do not want to end up being available publicly. Moreover, enable two-factor authentication for an added layer of security.
SEE ALSO: Facebook data leak 2021: Data of 533 million users exposed online
For more latest IT news and updates, keep reading iTMunch
Image Courtesy
Featured Image: Background photo created by jannoon028 – www.freepik.com
Image 1: Man photo created by standret – www.freepik.com
Image 2: Image by Coffee Bean from Pixabay
