Technology

Facebook finally explains leak of personal data of more than half a billion people

Facebook says that a vast trove of personal information, uploaded freely to the internet, was harvested as part of a feature gone wrong.

The data was not stolen in a hack but instead through malicious users of its “contact importer”, it said. Though that feature was intended to allow people to upload their contacts from their phone to Facebook, and find people they might know, malicious actors were able to use it to scrape the personal information of people who were already on the platform.

That happened before September 2019, Facebook said in a blog post, and the bug that made it possible has now been fixed. But over the weekend it became clear that the data had become availably publicly online, vastly increasing the risk that anyone involved in it might face.

That includes 535 million accounts, which belong to people including chief executive Mark Zuckerberg. Online tools allow anyone to check if their information – including their phone number – is part of the leak.

Facebook’s explanation for the data explains why some of that data was initially hard to understand, and it had taken longer than usual for researchers to uncover and explain its full size. The data was not stolen from Facebook directly, but instead “scraped”, using automated software to gather information that had been intentionally or accidentally made public.

Read more:

  • Aliens would be ‘friendly but we can’t gamble on it’ 
  • Scientists connect human brain to computer wirelessly for first time ever
  • Nasa reveals Easter eggs hidden on Mars perseverance 
  • Scientists may have found a special black hole that could change our understanding of the universe

“This is another example of the ongoing, adversarial relationship technology companies have with fraudsters who intentionally break platform policies to scrape internet services,” Facebook said in a blog post. “As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists.”

It said that the information “did not include financial information, health information or passwords”.

INDY/LIFE Newsletter

Be inspired with the latest lifestyle trends every week

Please enter your email addressPlease enter a valid email addressPlease enter a valid email address SIGN UPThanks for signing up to the INDY/LIFE newsletter{{#verifyErrors}} {{message}} {{/verifyErrors}} {{^verifyErrors}} {{message}} {{/verifyErrors}}I would like to be emailed about offers, events and updates from The Independent.

Read our privacy notice

INDY/LIFE Newsletter

Be inspired with the latest lifestyle trends every week

SIGN UPThanks for signing up to the INDY/LIFE newsletter{{#verifyErrors}} {{message}} {{/verifyErrors}} {{^verifyErrors}} {{message}} {{/verifyErrors}}I would like to be emailed about offers, events and updates from The Independent.

Read our privacy notice

Facebook said that it was “working to get this data set taken down and will continue to aggressively go after malicious actors who misuse our tools wherever possible. While we can’t always prevent data sets like these from recirculating or new ones from appearing, we have a dedicated team focused on this work”.

It also advised people to check their privacy settings, to ensure that information is locked down and can’t be scraped. It also advised users to turn on two-factor authentication, which adds extra checks when people log in, and should help protect against hacks.

Source:

www.independent.co.uk

Show More

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button