AXEL Network Products:

AXEL GO - share and store files securely.

LetMeSee - photo sharing app.

  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

AXEL.org

  • Network
  • Technology
  • Applications
  • Blog
  • About
    • Team
    • Press
    • Careers
    • Patents
  • Contact Us
  • Login
    • AXEL Go
    • AXEL Cloud

October 29, 2021

Devastating Data Breaches – Part 5: Facebook Dismisses Data Security

In the history of the Internet, no tech company may be more controversial than Facebook. Started in 2004 and initially limited to Harvard University students, Facebook quickly hit the mainstream as the premier social networking site. In just a few years, it overtook older sites like MySpace and Friendster, making it the go-to social network for hundreds of millions of people. However, this massive growth has not been without controversy.

Facebook has long been criticized for its record on privacy and security. From collecting mountains of information on individuals to its involvement in state-sponsored surveillance, Facebook’s record on privacy is shaky [1]. But even though billions are skeptical of Facebook and its security practices, it’s still the most popular social network in the world. Combined with its ownership of popular messaging app WhatsApp and photo-sharing app Instagram, Facebook has become one of the Silicon Valley giants where their main product isn’t a product or software, but users themselves. Because of this, it is in Facebook’s best interest to collect as much information as possible from its users. While this strategy certainly lines Facebook’s pockets with oodles of advertiser cash, it forces user privacy to take a backseat and puts user security at risk. Unfortunately, in 2019, this security risk became realized for hundreds of millions of people.

In honor of Cybersecurity Awareness Month, AXEL is writing about some of the worst leaks, data breaches, and ransomware attacks in history. Check out our previous posts about Yahoo, Marriott, Equifax, and Target to learn about what went wrong, what could’ve been done, and how each company responded to devastating data breaches.

Before The Breach

In 2019, Facebook was already facing the aftermath of another massive privacy mishap, the Cambridge Analytica scandal. With Facebook’s knowledge, Cambridge Analytica, a political data analytics firm, harvested data from 87 million Facebook accounts. It then sold this information to multiple United States presidential campaigns in order to inundate potential supporters with political advertisements [2]. 

Following the revelations of this data thievery, Facebook CEO Mark Zuckerburg even testified in front of Congress, along with taking out full-page advertisements in major newspapers, vowing to “ensure this doesn’t happen again [2].” Following an investigation, the Federal Trade Commission fined Facebook USD $5 billion, the largest fine ever levied by the United States government [3].

Put simply, Facebook was not seen in a positive light by many people. Its track record regarding data privacy had always been shaky, but this new scandal not only drew the ire of government officials, but the general public as well. After this scandal, all eyes were on Facebook to see if it would actually make changes to protect user privacy. Unfortunately, Facebook did not keep its promises for long. 

The Leak

In 2019, through a vulnerability in Facebook’s code, the personal data of 533 million Facebook users was stolen [4]. Concerningly, the perpetrators of this attack did not acquire the data through hacking or phishing, but simply by finding a vulnerability that allowed users to record millions of phone numbers from Facebook’s servers. In August 2019, Facebook patched this vulnerability, but was unaware of the stolen data. However, in April 2021, phone numbers of the 533 million users were posted to a hacking forum. This data mainly consisted of names and phone numbers, but some email addresses and birth dates were compromised as well [4]. Even worse, the data was posted for free on a public forum, meaning that any scammer or spammer with basic computer knowledge could access this stolen data [4].

While no financial or government data, such as credit card numbers or Social Security numbers, were posted, the release of phone numbers and corresponding names was a goldmine for scammers. Primarily, these cybercriminals could use this information to send phishing scams to unsuspecting users. While the attack could have been much worse, the leak of over half a billion phone numbers directly after Facebook’s previous data scandal was not received well by the general public.

Facebook did little to satiate the outrage following the leak. After the leak was publicly revealed, Facebook stressed that the leaked data was outdated (albeit, by only two years) and that the security flaw had already been patched. Additionally, Facebook refused to notify the affected users, stating that there was nothing that users could do to mitigate the consequences [5]. 

The Aftermath

While a leak that puts 533 million phone numbers at risk may sound like a big deal, for Facebook, it’s just a drop in the bucket of criticism the company has received regarding user privacy. After all, the Cambridge Analytica scandal forced Zuckerberg to testify before Congress. For Facebook, this is a run-of-the-mill data breach. In fact, in a leaked email detailing the company’s response to the breach, a Facebook employee stated “We expect more scraping incidents and think it’s important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly [6].”

Unfortunately, it appears Facebook is not planning on making substantive changes regarding user privacy. This isn’t particularly surprising, as Facebook has become a giant because of its willingness to collect user information. However, just because Facebook is slow to change doesn’t mean you have to be a victim. You can protect your data by following simple cybersecurity tips, like not clicking unfamiliar links and double-checking email addresses. If Facebook isn’t going to protect your privacy, it’s up to you to do it yourself.

Protect Your Data with AXEL Go

Another way to protect your privacy is to use a secure file-sharing software. Offering industry-leading encryption and decentralized blockchain technology, AXEL Go is the best way to protect yourself or your business from unauthorized cybercriminals. Featuring a myriad of unique privacy features, AXEL Go is the best way to keep your data safe. If you’re ready to try the best protection, get two free weeks of AXEL Go here. 

[1] Greenwald, Glenn, and Ewen MacAskill. “NSA Prism Program Taps in to User Data of Apple, Google and Others.” The Guardian. June 07, 2013. https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data.

[2] Meredith, Sam. “Facebook-Cambridge Analytica: A Timeline of the Data Hijacking Scandal.” CNBC. April 10, 2018. https://www.cnbc.com/2018/04/10/facebook-cambridge-analytica-a-timeline-of-the-data-hijacking-scandal.html.

[3] Nuñez, Michael. “FTC Slaps Facebook With $5 Billion Fine, Forces New Privacy Controls.” Forbes. July 24, 2019. https://www.forbes.com/sites/mnunez/2019/07/24/ftcs-unprecedented-slap-fines-facebook-5-billion-forces-new-privacy-controls/.

[4] Holmes, Aaron. “533 Million Facebook Users’ Phone Numbers and Personal Data Have Been Leaked Online.” Business Insider. April 03, 2021. https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4.

[5] Farmer, Ryan. “Facebook’s April 2021 Data Breach Explained.” StrongVPN Blog. April 30, 2021. https://blog.strongvpn.com/facebook-data-breach-april-2021/.


[6] “Facebook Downplays Data Breach in Internal Email.” BBC News. April 20, 2021. https://www.bbc.com/news/technology-56815478.

Filed Under: Business, Cybersecurity Tagged With: business, cybersecurity, data breach, facebook, Social Media

Primary Sidebar

Recent Posts

  • AXEL News Update
  • AXEL Events
  • Why Digital Sharding is the Future of File Storage
  • The Practical Applications of Web3
  • Archival With the Future in Mind
  • IPFS: Securing Our Privacy Future
  • What Do We Do About Social Engineering?
  • Five Simple Security Tricks
  • IPFS: The InterPlanetary Solution to Small Business Problems 
  • Schools: Our Cybersecurity Blindspot
  • The State of Privacy Laws in 2022
  • The Great Return (Back to the Office)
  • Artificial Intelligence is Here to Stay. How Will That Affect Businesses, Individuals, and Our Privacy?
  • Big Tech is Talking Privacy. What Does That Mean for the Future of Our Data?
  • How Technology Changed Business (And What That Means for the Future of the Industry)
  • Small Business Tech Trends of 2022
  • After the Cyberattack: What Happens to your Data Following a Breach?
  • Has School Surveillance Gone Too Far?
  • What Does Cyberwarfare Look Like? Just Ask Ukraine.
  • National Data Privacy Day: The Internet isn’t Anonymous Anymore
  • AXEL’s Guide to Remote Work
  • How Law Firms Should Handle Cybercrime
  • National Technology Day: How Tech has Changed the Way We Live
  • The World’s Top Hacking Groups – Part 2
  • The World’s Top Hacking Groups – Part 1
  • 2021 Cybersecurity Year in Review
  • INTERVIEW: How COVID Changed the Courtroom (and the Future of Law)
  • Enron, Ethics, and the Fight for Privacy
  • The History and Modern Uses of Encryption
  • Self-Driving Cars are Here. Are Businesses, Consumers, and Lawyers Ready?
  • Cybersecurity Strategies for Small Businesses and Firms
  • Is Virtual Reality the Future? Facebook Thinks So.
  • Devastating Data Breaches – Part 5: Facebook Dismisses Data Security
  • Devastating Data Breaches – Part 4: How Target Changed Credit Cards
  • Devastating Data Breaches – Part 3: The Negligence of Equifax
  • Devastating Data Breaches – Part 2: Marriott’s Merger Misfire
  • Devastating Data Breaches – Part 1: The Hard Fall of Yahoo
  • Everywhere is the New Office: The Rise of Digital Nomads
  • Convenient or Monopolistic? Epic’s Challenge to Apple’s “Walled Garden”
  • The State of Privacy Laws in the United States
  • Big Tech’s Big Secret: Why Google and Apple Want Your Data
  • Data Privacy and Security Increase Profitability in the Cannabis Industry
  • Bitcoin has Entered the Mainstream. Now What?
  • Data Breaches are Here to Stay (For the Unprepared)
  • What the New Infrastructure Bill Means for Tech
  • Shady Schemes and Sinful Scams: The History of Internet Spam
  • Lawyers are the New I.T.: Tech Tips for Legal Professionals
  • For Here or To Go? Remote Work, Hybrid Offices and the Future of the Workplace
  • The Fallout of Edward Snowden and his Leaked Documents, Eight Years Later
  • Another Day, Another Cyberattack: Kaseya Software and the Future of Ransomware

Recent Comments

    Footer

    Sitemap
    © Copyright 2022 Axel ®. All Rights Reserved.
    Terms & Policies
    • Telegram
    • Facebook
    • Twitter
    • YouTube
    • Reddit
    • LinkedIn
    • Instagram
    • Discord
    • GitHub