Remember the catchphrase “This is Your Digital Life” in the Cambridge Analytica scandal? Now Facebook faces another major backlash.
Over the weekend, the world was informed that Facebook had leaked the personal information of over 533 million users across 106 countries, including 32 million records in the US, 11 million in the UK and six million users in India.
The leaked personal information includes names, phone numbers, dates of birth, location data, Facebook IDs, biographical details and, in some cases, email addresses. The data had been published by a user in a hacking forum for free.
According to Facebook, the data was actually information that had been scrapped when the firm patched a vulnerability some time back in 2019, which involved the Cambridge Analytica scandal where 80 million users were targeted for political ads in the 2016 US elections.
The excuse that the data is not current would come as no comfort to the hundreds of millions of people whose data are now being given away for free on hacker websites and the Dark Web. With just a bit of sleuthing, highly resourceful scammers and hackers can cross-reference much of the data with other sources and derive useful information that can be used for malice.
One cybersecurity expert from the Synopsys Software Integrity Group, Tim Mackey, said: “When your primary asset is data, that asset is going to be valuable to more than just you. If that data is stolen from one criminal enterprise, that criminal group might not protect their data and it could easily be stolen multiple times. Effectively, data security is only as good as the weakest link.”
The people most interested in keeping data secure are the data owners (us) and the businesses that are given access to that data. Mackey concluded: “We should limit the data we share to only what’s required, and hold those with whom we share our data accountable for its safe-keeping.”