News brief Data from 87 Million Facebook Accounts Exposed
Facebook recently announced that political consulting firm Cambridge Analytica obtained information from up to 87 million accounts without their users’ consent. Experts believe that collected data could include locations, interests, photos, status updates and more.
Facebook applications and third-party services can normally request access to an account’s information in order to add functionality or advertise products. However, experts allege that Cambridge Analytica violated Facebook’s terms of service by using the data to direct political campaigns and influence voters.
These allegations have highlighted concerns about data security, social media privacy and Facebook’s data protection practices. In order to keep your personal information safe, it’s important for you to be aware of how it can be exposed and what steps you can take to ensure you control access to your data.
Timeline of Events
In 2014, University of Cambridge researcher Aleksandr Kogan created a Facebook personality quiz that gave him data on approximately 270,000 Facebook users. At the time, Facebook’s terms of service also allowed Kogan to access data on these users’ friends – a total of 87 million accounts.
Although Kogan told users that their information would only be used for research, he later worked with Cambridge Analytica to market the data to political groups. While many experts speculate that Cambridge
Analytica’s clients used this data to direct political messages and influence voters, investigators have yet to confirm if or how the data was used.
Facebook learned that Cambridge Analytica possessed the data in 2015 and requested that all copies be deleted. However, in March 2018, a number of news sources reported that the consulting firm kept and continued to use at least a portion of the data for its business practices. As a result, Facebook’s data protection practices are now under investigation by regulators.
Protecting Your Data
Many social media users assume that their personal information is safe, but this scandal has shown the importance of re-evaluating online security. Hackers can use data posted on social media to engage in identity fraud, social engineering schemes and more. Here are some tips you can use to secure your data on social media platforms:
- Check Facebook’s webpage about the exposed data to see if Cambridge Analytica obtained any of your
- Go through all of the privacy settings on each of your social media accounts to see if the security
features or terms of service have changed.
- Always assume that any information you post online can be shared with the public.
- Enable two-factor authentication on all devices and services that offer it.
- Create strong passwords and update them regularly.
Facebook Security Breach Affects Nearly 50 Million Accounts
On Sept. 28, 2018, Facebook announced that nearly 50 million user accounts were compromised in a data breach. The breach, which can be traced back to July 2017, is one of the largest in the company’s 14-year history.
While investigations are ongoing, the company said hackers exploited a software vulnerability in Facebook’s "View As" feature to steal access tokens and gain control of user accounts. Access tokens are effectively digital keys to specific accounts, and stealing them allows attackers to view private posts or compose status updates without the knowledge of the affected user.
In addition, the attack allowed the hackers to see anything that users can see on their own profile, including the names and birth dates of friends and family members. Such information could be used in future phishing attacks.
In response to the attack, Facebook reset 90 million logins automatically, fixed the software vulnerability and informed law enforcement officials. While the company says that users do not need to change their passwords, individuals experiencing login issues should navigate to Facebook’s Help Center.
This Erhardt Holt, LLC document is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice.
Readers should contact legal counsel for appropriate advice. All images are from Google Images.