A Breach That Ripples Far Beyond Facebook

from NYTs

If I did not need Facebook to do my job, I would be deleting it right now.

While everyone was riveted by the drama over Judge Brett M. Kavanaugh’s potential confirmation to the Supreme Court, Facebook dropped a bombshell: Hackers had broken into at least 50 million of its accounts. The company’s chief executive, Mark Zuckerberg, and his deputy, Sheryl Sandberg, were among the victims, according to my colleagues Mike Isaac and Sheera Frenkel.

For the past year, I have been covering technology in India, which has more Facebook users than any other country. Before that, I was a reporter in our San Francisco bureau, where, among other things, I wrote a lot about both Facebook and security breaches, including two separate heists of Yahoo data that left all three billion of its accounts compromised.

In this breach, I was one of the 90 million people who were suddenly logged out of their accounts by Facebook — the company’s far-too-subtle way of letting me know that my account might have been compromised. (Facebook, you could at least have sent me a message along with all the spammy ads you send me on Messenger.)

More here.

, ,

15 Responses to A Breach That Ripples Far Beyond Facebook

  1. Jordan H October 10, 2018 at 8:03 pm #

    Facebook has been one of the most popular social media sites on the planet for nearly a decade. As such there are hundreds of millions of Facebook accounts with information that is either private or sensitive. Over the last few years there have been multiple instances where accounts have been hacked or fake accounts have been used to manipulate public opinion. Having sat in front of a committee to explain why user’s information was shared without permission is no laughing matter, and is actually quite serious. The security of Facebook accounts needs to be a higher priority for the company, because every time they are breached it reflects poorly in the price of their stock.

    The author, who works in India, points out that many Indians are not bothered by the hacks. More Facebook accounts are registered in India than any other country according to Vindu Goel, the author of the article. As far as they are concerned there is no real threat from having the information available on their Facebook account breached because of the new form of identification recognition that is being pioneered in India. In the United States it is much different, logging into other applications can be done through Facebook. People can link their Instagram and Twitter accounts through their Facebook account, allowing a hacker with your login credentials access to more than just your Facebook account.

    I personally have not posted on my Facebook account in years and do not have it linked to any of my other social media platforms. That being said I also do not have any sensitive information that could be useful to a hacker on my Facebook. It would make sense to me, for better security measures to be put in place making it harder for these hacks to happen. With such lax security it seems like only a matter of time before someone uses false information on Facebook to conduct illegal activities, like influencing a presidential election for example. I have faith that even if something like that were to happen there would be consequences for anyone found to be involved in such a scheme. But then again maybe not.

    • Marissa Sarden October 15, 2018 at 2:37 pm #

      Facebook has a reputation for compromising the privacy of millions of users. Many of those users involve companies, working americans, and even children with valuable information embedded in the app. The information includes mother’s maiden name, birth dates, and cell phone numbers. With personal use, two-step authentication, fingerprint access code, and security questions were added to the logging in process and those efforts did not work because personal information is still being shared.
      These security breaches give facebook a terrible reputation and room for someone else to join the market of social media with a more reliable security system. Americans enjoy their privacy but are more willing to provide their personal information when it comes to social media. Think about how many time you subscribed to a website, Did you read the privacy conditions?
      Americans have to be more educated on where they put their information. Deleting your facebook is a smart decision if you want things to remain private. When reading disclosures and privacy notifications, they state clearly what is being shared, it is the company’s responsibility to protect our information not sell it for a profit. Consumers are constantly using search engines for purchasing products and moments later you use another social media website and the advertisement for the product you were just searching for pop us, is a representation of lack of privacy in a world of technology.
      Consumers use facebook to link with other websites and applications. As a consumer who values privacy, linking my personal information to those websites might seem convenient at the moment, but in the long-run there is more to lose.

  2. Hannah Roselli October 11, 2018 at 9:51 am #

    Facebook is one of the largest social media platforms in the world today, there are millions of people who stay connected and communicate through Facebook. However, in the past there was a privacy breach that shrunk the number of people who were actively using Facebook. Once everything within the breach was cleared up, Facebook began becoming largely used again. However, Facebook had another breach happen. 90 million people were logged out of their Facebook accounts which was the leading sign into allowing them to realize they have been hacked.

    This hack was not the usual hack that social media platforms usually experience. During this hack with the login information the hackers obtained, they were able to go into other accounts that were linked with the victims’ Facebook. My friend was a part of this hack, and he had to recover his Facebook account and his Instagram account had to be recovered as well. The hacker was able to hack into his Instagram as well since it is linked with his Facebook account. My friend who was involved in this primarily uses both social media forms for his work. On Instagram he has over 15,000 followers as well as on Facebook, so this was something serious for him because his followers and clients were seeing inappropriate posts on his accounts even though they weren’t him.

    Since Facebook has been having multiple privacy issues, consumers will be using Facebook less, and maybe even deactivating and deleting their accounts. However, Facebook is used largely in India and the people who are familiar with Facebook there do not seemed to be bothered by the hack so they will remain using Facebook regularly. Personally I am not a big Facebook user, I only use it to keep up with my friends and my family. I am not huge on posting on Facebook, and I do not even log in everyday. However, I just joined a network marketing job so I will have to be using Facebook and technology more, and I can honestly say I am a little nervous to be using Facebook now especially for something like work due to the privacy issues Facebook has had over the years.

  3. Kent Flores October 11, 2018 at 2:09 pm #

    It is hard to believe that so many people of my generation are so ignorant when it comes to protecting their virtual lives. Many of my peers grew up in a world where the internet became a norm and everyone seemed to be on it 24/7. Even in school, students learn how to go through the internet and search up simple questions with the help of google and even how to make colorful powerpoints with every little type of effect possible. Yet, teachers do not teach their students how to protect themselves online, they do not teach them how the internet works, how to secure a VPN, how to make sure you do not get hacked, and how to protect yourself in case you do get hacked. Teachers do not teach these necessities to their students, because they themselves do not know how to protect their online lives. Tech companies such as Apple, Microsoft and HP, all sell their users data is some type of way in order to make a profit from their customers, and they even partner up with social media websites such as Facebook, Instagram, Snapchat and so on so forth. All these companies love it when their customers are ignorant about their online security. These companies go to extreme lengths of even making 20 page contracts that are so fine print that almost nobody would read them. Most people just accept the terms and conditions of these contracts and believe that these companies will be ethical and will not sell their data just to make money. I too, was one of these types of customers in which I believed that Facebook, for example, was on my side and served my interest. I did not believe that there was even a way of protecting myself from being hacked or even after being hacked, until Professor Shannon told my class of ways to protect your online life. Professor Shannon hit me with the realization that I have to be as, or even more, careful with my online data as I am with my real life data. As soon as I heard about what to do from Professor Shannon, I quickly proceeded to secure my privacy in Facebook setting. Now, more than ever, I research on ways to protect my online life, in order for my data to not fall in the wrong hands.

  4. Jake Malek October 11, 2018 at 9:18 pm #

    I was somewhat familiar with Facebook unsecure services as I watched the Mark Zuckerberg Senate hearing. The Senate hearing brought huge attention to the Facebook security flaws and truly introduced people to the idea that Facebook and any data put on Facebook was accessible to a hacker willing to work for it, which was concerning to hear. Facebook is one of the largest social networking platforms and is used by over 2.2billion people. With such a large number of users, and valuable information expressed, Facebook is the perfect source for hackers to hit. While I initially believed my information was safe and secure on Facebook, I was shocked to hear of Facebook’s involvement in sales of personal information (which they later apologized for, confirming their action). I think a lot of people take Facebook to be a very secure website that they can trust and put personal information on.

    I was always weary when putting information online and I think some data leakage cases such as these are what brings attention to how much data others are putting online. Hackers are becoming more and more advanced with their techniques and skills and I jut hope Facebook is always one-step ahead of them as they have a plethora of secured information on their platform.

    It was interesting to read about India and how integrated Facebook is into their culture. To see a culture that uses Facebook as such a predominant tool for not only their personal life but also the main page for their company, I was shocked. But those are the types of environments where hacking breaches would be most dangerous. Getting onto a business page where items are bought and sold can cause major breaches of personal information including credit card information and more.

    I agree with Kent above when he writes how internet safety should be taught in schools to help mitigate such dramatic breaches. If more people understood the consequences that could occur if too much of their personal information was put online, I believe they would limit what they share on the internet.

    Overall I think this was a very eye-opening article that really shows how vital and serious internet safety is. Some companies solely operate through Facebook and to have hackers repeatedly breaching their servers and getting personal data is unacceptable. Everyone should take a moment and consider what they are putting on the internet.

  5. Tirzah K. October 12, 2018 at 5:42 pm #

    This past week Facebook had yet another breach of their user’s login information. For some users, that information included their birth dates, employers, and education. A cause for the breach was introduced by Facebook itself, in their attempt to make it easier for their users to post Happy Birthday videos. Enough is enough. Facebook is international and used by millions for everything from entertainment to conducting business. It seems harmless that someone’s log-in information was stolen; but, the reality is that that information is a key to further sacred information. People’s birthdates and in some cases birth years are posted. People like to be thought well of so they often list a school that they’ve attended and a degree that they earned. While most people won’t post their street address, they will post the town in which they live and FB gives the option of adding a hometown. Furthermore, Facebook users are posting pictures of themselves and their families. On Facebook, it’s possible to link family members and give the world the exact explanation of who a person is and what connections they have to the users. Even though people willingly put this information out, it is still extremely dangerous in someone else’s hands. People use their FB log-in as a fast and easy way to log into other accounts. For instance, a person can use their FB log-in to sign into their bank accounts, credit card accounts, even using the same user-id and password across all of their accounts because it’s easier to remember.

    The article mentions how Indians from India use FB for business purposes and they rely on the networking that they receive through FB for their livelihood. It is also suspected that Facebook was used as a means of altering American elections. Many people have purchased stock in the company because it is such a successful form of social media. The bottom line is Facebook president, Mark Zuckerberg, needs to do better with safeguarding peoples private information. There have already been one too many breaches and a breach affecting 30 million users is certainly no laughing stock. There needs to be layers of security and if even one layer is breached, a notice should be sent to the user immediately to have them change their password. People shouldn’t have to worry that a program that’s allowing them access to friends, family and the ability to network across the world, can potentially cause their ID to be stolen!

    More important, is that, people should start safeguarding their own information. Facebook can be a little too personal. Photos can be stolen and reused without a user’s permission. Posting live videos and vacation pics can let a thief know that the users home is unoccupied and can be targeted. Perhaps, people should go back to having face to face meetings with family and friends instead of posting online; and, that would make a major dent in having their personal lives intruded upon.

  6. Henry Steck October 12, 2018 at 6:51 pm #

    I work for the Stillman School’s Student Managed Investment Fund (SMIF). We own Facebook (FB) and have for a while. The last twelve months have been a roller-coaster for FB stock and has led to serious conversations at the SMIF about selling. Since a rocky IPO at $38 in 2012, FB’s trajectory had been straight up. Like many other fast growing, Nasdaq-tech juggernauts, investors loved the name. At the start of 2018, it looked like we could be headed to $200 by year’s end. After touching $180, the stock now trades at $153. What happened?

    The Cambridge Analytica Scandal involving 87 million FB users earlier this year was the first log on the pile. Now with further, significant data breaches popping up, FB shareholders are faced with a dilemma: sell shares in anticipation of further setbacks due to cybercrime and potential regulation – or – to stay invested in what is still the world’s most popular and profitable social media platform.

    If we look at what is burning the world’s iPhone battery these days, it is likely to be Instagram.

    The most recent breach discussed by this NYT article, discovered in September, is the largest in the company’s history, involving the data of over 50 million users. In the wake of the CA scandal in March, this news also comes as FB and other tech giants are under the microscopes of US and European regulators for election manipulation and other regulatory concerns. Business insider reports that this recent breach could land FB a 1.41 billion Euro ticket from the EU. Other tech giants have already felt the wrath of European regulators. Google broke the fine record this year with a $5 billion-dollar penalty for preinstalling Google on phones. Those fines can add up to attack financials, and with lofty earnings expectations from investors they can hurt share price.

    Perhaps FB can undergo a similar transformation to Target. In Q4 of 2013 as Target was already struggling with waning consumer interest, news broke that the company had spilled data about 70 million customers. Fast forward to Q4, 2018, and we see a brand-new Target. The chain is surviving the Amazon-purge of brick and mortar retailers and has recreated the mystique of the “Tar-jet” image (dubbed by reporters) that it once had. How did target accomplish this? It brought in new leadership and scaled back operations, including leaving Canada entirely. FB is likely too wrapped up in regulatory confusion to be able to change as easily as Target, but maybe FB like TGT will eventually need some fresh leadership.

  7. Peter Duca October 12, 2018 at 10:57 pm #

    This security breach is yet another source of bad publicity and another large issue that Facebook needs to solve immediately. The security breaches caused by this hack not only compromised users’ Facebook accounts; the hacks were also able to hack multiple accounts linked to the users’ Facebook accounts. This is a large inconvenience and risk for users. Facebook may not be a good option as a social media for users in the US anymore if they continue to have security breaches, cause controversy, and breach ethics. Facebook needs to re-evaluate themselves and focus on a set strategy to help with controlling the damage they caused to themselves this past year.

    Although Facebook has done a lot of damage to their reputation over the year, I feel like this could be a good opportunity for Facebook to reinvent itself a bit and enhance the current model they work off of. Some of the company’s recent issues include security risks and lack of users due to competition. The security risks have been caused due to efforts by Facebook to make the site more “user-friendly” and easier to send messages. Instead of focusing on the user-friendliness of the website, maybe Facebook should change its priorities and become more focused on having a safe and secure site to share information. They should also focus their priorities on becoming a website for businesses to advertise information to consumers easier. In India, one of Facebook’s main uses is advertising by local businesses. Instead of focusing on having a user-friendly interface for individuals, Facebook could reinvent their model by becoming a secure place for businesses to advertise their pages. Expanding into the business sector for social media may help Facebook regain some market share they may have lost over the past few years.

  8. Olivia I. October 17, 2018 at 2:04 pm #

    The recent breach of Facebook on the security of the public is scary and unacceptable. So many instances like this have happened from this company’s actions, and many people are starting to take action. This article certainly made me think twice about my own Facebook usage, as many people my age use it to stay in touch, especially after high school and college. For a population that relies so heavily on this website, this recent Facebook breach is detrimental to their society. I think governments are doing the right thing in their prosecuting the site, however, I think more needs to be done.
    Even though I may not be directly affected by this recent breach, I feel like if Facebook continues to expose private information, I may become exposed in some way. Facebook has all users agree to their privacy agreements. However, I feel like the operators need to apologize and truly show that they are changing their ways if they plan on keeping Facebook relevant. It’s unacceptable what the site is doing and need to be rendered.

  9. Alexis Pateiro October 19, 2018 at 12:39 pm #

    Internet privacy and hacking is already an issue that is hard to solve. However, a social media sites like Facebook that are very popular and have been around for many years should taking their hacking issues seriously. Facebook is one of the largest and most used social media platforms used today. I have personally been hacked using Facebook and it went from a simple log out issue to the hackers getting a hold of my personal and financial information. I had Facebook on my laptop and once it got hacked the hacker had full use of my computer being able to find my debit card information and posting it online for people to use. This was not a small issue I had to go through a lot to get my money back and to get rid of the fees that were charged from debit off my card. I also had to call Apple for my lap top to get rid of viruses and install a security application to prevent this from happening again. I also had all of my other social media platforms connected and linked to Facebook and those got hacked as well.
    Now looking at the business aspect of this website/app they had enough money to intensify their security measures for Facebook. If they do not take the time to make their company more secure it is going to continue affecting their business and decrease stocks. I know multiple people who have gotten hacked and just deleted their account and never made a new one. Every Facebook user that encounters this issue might not have the patience to contact customer service to report the hacking and make a new account. Therefore, they should be more mindful for those who use this social media platform and have personal information. In order to keep their user’s loyalty, they need to insure safety and security for those who use Facebook. They also need to think about the people who use Facebook to support their businesses, this is another huge issue. I have worked for many businesses and they post things in order for company exposure and the get more customers. If a businesses’ Facebook gets hacked that can affect the business immensely. I think that Facebook should also take measures to inform people how to secure their information in order for this not to happen. With mindfulness and more efforts in protecting their users Facebook’s reputation can change and will help their customers feel more safe to use their platform.

  10. Robert Musantry October 19, 2018 at 1:44 pm #

    I do not need Facebook for any reason at all, and I am strongly considering deleting my account. I feel like they are always in the news for bad reasons, and another hack fits right into that idea. Apparently, 50 million accounts were hacked in to, including the account of Mark Zuckerberg, the famed founder of Facebook. Since many Facebook users use the site to log in to other sites and/or apps, these hackers had access to an amazing number of accounts, a number that is truly unknown. Effectively, the hackers can pretend to be any of the 50 million users they hacked in any site that uses Facebook to log in, and that means the hackers have access to all data associated with said websites. As soon as I heard about the hack (which was admittedly quite some time after it came out) I took the steps to change my password and unlink my account from other websites. I found out some good news in doing this process, and that was that I never had connected my Facebook to any other sites. This sounds crazy, but I rarely use Facebook and only started using in in the beginning of my senior year of high school in order to connect with other people looking at the same colleges as me. But, many people in my generation have had these accounts for years, and may not even know what other sites have access to their login info. The worst part is that this hack was able to happen because of a security flaw that Facebook themselves created, in order to make it easier to send “happy birthday” videos. Seriously, if that is how you need to wish your friends and family happy birthday, I think the hack hopefully taught a valuable lesson.
    So, all in all, what we have here is another example of how our personal data is no longer personal. We all love sharing ourselves online so much, and we think we have control over who can see what we do. This control only extends so far, and once it is breached it can have innumerable consequences. As I said above, I think I am just going to delete Facebook. I only have a few friends on that account, and most of them are family members that I do not see often. I’ll catch up with them in real life, I guess.

  11. Sandra C October 19, 2018 at 5:48 pm #

    Throughout many blog posts, there has been a theme of Facebook breaches. It seems like this past year, Facebook has had to handle many security issues; and are constantly apologizing for similar mistakes. As a user of both Instagram and Facebook, this track record of security issues is scary. Both Instagram and Facebook are owned by the same company. If the company is unable to control Facebook, how will they be able to control Instagram?

    Now that there is a lack of trust from users toward Facebook, there will be a ripple effect of a lack of trust from the consumer toward Instagram. To a consumer, social media platforms, like Snapchat, seem safer. By using Snapchat, there is no requirement to how much information you have to put in. You also cannot use your Snapchat account to log into other sites, like a gaming app for example. I think the downfall to Facebook is that users are able to use their log-in information for Facebook on other apps and platforms. Because so much data is collected by Facebook, there is a lot of information that is at risk to being released. This makes Facebook a easy target for cyber hackers. It will be interesting to see what Facebook will do with this breach, and also see if they decide to put in more security measures to prevent this from happening again.

  12. Schron B October 19, 2018 at 8:46 pm #

    Facebook has had quite the difficult year when it comes to cyber security concerns. With around 50 million user accounts being compromised it really puts Facebook in a negative light, one that the company will have to work hard to escape from. Social media users require a decent amount of trust in the security these websites and apps are claiming to have and with a brand like Facebook failing so often its bound to hurt user trust. What makes matters worse is that Facebook have failed so often that the only explanation is blatant negligence or an inability to handle their user base anymore.

    The company should hopefully be addressing the concerns with swift and effective action. Maybe a new password protection system could ease public concerns but whatever they choose they have to let people know that they are fixing the issue now. I don’t believe hacking can ever be 100% prevented but at the very least Facebook should be preventing it from happening at such scales so often.

  13. Warren Vetter November 4, 2018 at 11:59 pm #

    Facebook was one of the first social media websites that I signed up for when I was a young teenager due to the fact that it was and still is one of the most popular websites. Most of my friends and fellow peers in my grade at the time had Facebook and I wanted to be a part of it not knowing that Facebook would soon be one of the easiest social media platforms to be hacked. Also, Facebook would soon to hold most of my personal data which would easily be hacked into by third party websites. Facebook has millions maybe even billions of users and knowing that 50 million user accounts got hacked into with ease really puts every Facebook user on edge. You can easily be the next user to be hacked into. Facebook never comes clean to this hacking by always underestimating how badly these hackings turn out to be. Facebook should obviously get better safety protections. Obviously what they are doing right now is not good enough because every month it seems like they are being hacked into. What makes this hacking worst than any of the others is that Facebook did this to themselves. They made it easier to post “Happy Birthday” videos which made it easier for hackers. Facebook needs to improve big time if they want to gain the trust of their users again.

  14. Daniel Campbell November 9, 2018 at 4:45 pm #

    News regarding data breaches is seeming to become a norm. We see news about millions of accounts of major sites such as Yahoo and Facebook get compromised all the time. It’s not surprising to see this because we live in a world where technology is increasing very fast ,but technology security isn’t keeping up. This breach of Facebook left 90 million accounts and their information compromised. In the United States the citizens are reluctant to give up their private information, regardless of what it is used for or if it’s completely safe or not. Comparing the reluctance of giving up private information of US citizens to those of foreign countries leaves us with a large difference in what we find private or not. The article highlights how Indians are more likely to give up information about themselves as compared to those of America. The government of India has made efforts to enroll Indians into a digital ID program where Indians are asked to give up numerous points of information about themselves, including fingerprints, iris scans and photographs. In the United States it’s safe to say that if the government asked for this information, the citizens would be very reluctant to give it up, regardless of the efficiency of the system. I think this is why we see such data breaches for that some people aren’t as reluctant to give up their private information about the selves in order to make government forms and benefits easier to fill out and distribute.
    Facebook needs to be more accountable for these kinds of breaches. If that means taking a few large steps backwards in application development in order to provide more security to users, it should be a question of “when” and “how” and not of “if” and “why”.

Leave a Reply to Peter Duca Click here to cancel reply.