You have probably read the news that more than 500 million Facebook account details were posted on a forum. Therefore, we expected an official statement, an apology, or a notification from Facebook, warning users about this and suggesting ways to protect their account. Well, we finally got one. Something like. While we received official news from the social media giant, what we got was more of an explanation as to how this happened, but no apology for not protecting their users’ data.
Facebook’s official statement or explanation of how this happened sounded a bit defensive if you really look at it. First of all, they clarified that it was not because the data was hacked that the data was compromised, but that it was due to the “scraping” that happened in 2019. They said that the leaked data came from the contact importer function that supposedly allows you to find friends . on Facebook and your other applications through your phone’s contact lists.
Facebook clarifies that when they discovered that malicious actors were using this feature to extract user data, they updated it to prevent these characters from mimicking the app and being able to upload large sets of phone numbers to match Facebook accounts. They also said that the data extracted did not include financial and health information or user passwords. Reports on the released data said it included phone numbers, email addresses and other important personal information.
While they reminded people to make sure their account is secure, we don’t see any tone of apology in this statement from Facebook. They also did not say that they will inform users directly affected by this. They said they are working to remove this dataset, but by now other players have likely saved all of the data and may be using it for their own nefarious purposes.
The data privacy watchdogs are keeping a close eye on this matter, so some regulatory action will likely be taken if they can show that Facebook was negligent in this matter. It doesn’t help that there have been previous data breaches that have soured regulatory bodies and the general public on Facebook, even when it still enjoys a large number of regular users.