Posted by Megan Duffy.
At the end of September, Facebook announced that the personal information of approximately 50 million users was put at risk after its computer network suffered a security breach. Three problems in Facebook’s software appear to be what allowed the hackers to compromise user accounts in the largest breach since the company’s founding 14 years ago. The first two bugs were introduced in a tool designed to offer more privacy for users. The third was introduced in a tool created in July 2017 meant to help users upload birthday videos more easily and compounded the problems created by the first two. The exact time that the attack took place is not clear, but it seems to have been after third bug was introduced. The breach was discovered by the company in the week before it was announced. The company has not been able to determine the exact identity or origin of those responsible, nor if the attack was meant to target particular users. It’s possible that the attackers were able to take control of the user accounts, which would also give them access to the hundreds of other apps that offer logging in with Facebook as a way to use their services. The company is unsure of to what extent the attackers were able to access these third-party accounts. With the announcement, Facebook also said that it had corrected the issues and notified law enforcement officials.
The attack is not the first incident to draw criticism towards Facebook and the way the company handles user data and disinformation spread on the platform. Facebook, along with other social media outlets, was used to push a campaign by Russian operatives to spread false information surrounding the 2016 presidential election. The company was criticized for being slow to respond to what was happening and acknowledge the abuse of the platform. Sheryl Sandberg, Facebook’s chief operating officer, testified before a Senate committee last month about the actions being taken to keep the same turn of events from affecting the midterm elections this November. Another instance that drew criticism took place in the past year when it was discovered that Cambridge Analytica, a British analytics firm, gained access to millions of users’ personal information. Mark Zuckerberg, co-founder and chief executive officer of Facebook, also testified in a congressional hearing about the company’s role in the breach. The problems with disinformation and security on the social network have led to calls from lawmakers for more regulation on the platform and others like it. An article in the New York Times by Mike Isaac and Sheera Frenkel, entitled “Facebook Security Breach Exposes Accounts of 50 Million Users,” described the criticism, saying, “‘This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users,’ Senator Mark Warner, a Democrat from Virginia and one of Facebook’s most vocal critics in Congress, said in a statement.”
Discussion about how the government might become more involved in ensuring privacy and security on social media has also drawn attention to how significant the role the personal information that can be found online can be in society overall. Placing any information on the Internet comes with the inherent risk of somehow being made accessible by others. However, this risk is becoming more prevalent as utilizing the Internet and the platforms it makes available are an ever-growing part of our everyday lives. April Doss, chairwoman of cybersecurity at the law firm Saul Ewing, commented on the effect of social media specifically in the article, saying, “This has really shown us that because today’s digital environment is so complex, a compromise on a single platform – especially one as popular and widely reaching as Facebook – can have consequences that are much more far-reaching than what we can tell in early days of the investigation.” According to the same article, “‘Breaches don’t just violate our privacy. They create enormous risks for our economy and national security,’ Rohit Chopra, a commissioner of the Federal Trade Commission, said in a statement. ‘The cost of inaction is growing, and we need answers.’”
Megan is a business law student at the Stillman School of Business, Seton Hall University, Class of 2021.
Isaac, Mike, and Sheera Frenkel. “Facebook Security Breach Exposes Accounts of 50 Million
Users.” The New York Times, The New York Times, 28 Sept. 2018,