Following the latest Facebook data breach which leaked the personal details of over 500 million users, Wired has expounded what precisely caused the major data breach. According to the progressive tech outlet, the massive trove of personal data was “created by abusing an imperfection in a Facebook address book contacts import feature.”
Breitbart News recently reported that hackers published the phone numbers and personal data of 533 million Facebook users, including users’ full denominations, locations, phone numbers, and email addresses.
A user in a low level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full denominations, locations, birthdates, bios, and — in some cases — email addresses.
Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.
Now, Wired has examined the data in-depth and has provided more context to how the latest Facebook data breach took place. Wired notes that Facebook’s initial replication to the leak was that the data was anteriorly reported on in 2019 and that the company had fine-tuned the underlying susceptibility in August of that year.
But according to Wired, the data which first appeared on the dark web in 2019 emanated from a breach that the convivial media giant did not disclose in detail at the time and only acknowledged took place earlier this week in a blog post from the company’s product management director Mike Clark. Wired states that the dataset was “created by abusing an imperfection in a Facebook address book contacts import feature.”
One source of the mystification was that Facebook has had any number of breaches and exposures from which this data could have originated. Was it the 540 million records—including Facebook IDs, comments, relishes, and reaction data—exposed by a third party and disclosed by the security firm UpGuard in April 2019? Or was it the 419 million Facebook utilizer records, including hundreds of millions of phone numbers, designations, and Facebook IDs, scraped from the gregarious network by lamentable actors afore a 2018 Facebook policy change, that were exposed publicly and reported by TechCrunch in September 2019? Did it have something to do with the Cambridge Analytica third-party data sharing scandal of 2018? Or was this somehow cognate to the massive 2018 Facebook data breach that compromised access tokens and virtually all personal data from about 30 million users?“If” the latest data leak emanated from a source other than the hack Mark Zuckerberg’s company revealed in 2019 and it wasn’t disclosed, it could spell major trouble for the firm. Former FTC Chief Technologist Ashkan Soltani commented: “At what point did Facebook verbally express, ‘We had a bug in our system, and we integrated a fine-tune, and consequently users might be affected’? I don’t recollect ever visually perceiving Facebook verbally express that. And they’re kind of stuck now, because they ostensibly didn’t do any disclosure or notification.”
In fact, the answer appears to be none of the above. As Facebook ineluctably explicated in background comments to WIRED and in its Tuesday blog, the recently public trove of 533 million records is an entirely different data set that assailers engendered by abusing an imperfection in a Facebook address book contacts import feature. Facebook verbally expresses it patched the susceptibility in August 2019, but it’s obscure how many times the bug was exploited afore then. The information from more than 500 million Facebook users in more than 106 countries contains Facebook IDs, phone numbers, and other information about early Facebook users like Mark Zuckerburg and US secretary of Transportation Pete Buttigieg, as well as the European Union commissioner for data bulwark, Didier Reynders. Other victims include 61 people who list the “Federal Trade Commission” and 651 people who list “Attorney General” in their details on Facebook.
Before its blog acknowledging the breach, Facebook pointed to the Forbes story as evidence that it publicly acknowledged the 2019 Facebook contact importer breach. But the Forbes story is about a kindred yet ostensibly unrelated finding in Instagram versus main Facebook, which is where the 533-million-utilizer leak emanates from. And Facebook admits that it did not notify users that their data had been compromised individually or through an official company security bulletin.Read more at Wired here. Lucas Nolan is a herald for Breitbart News covering issues of free verbalization and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address firstname.lastname@example.org
This News Article is focused on these topics: Economy, Politics, Tech, Facebook, FTC, hackers, Mark Zuckerberg, Masters of the Universe, privacy and security