In August of 2019, Facebook was the victim of a data breach that compromised information from 533 million people from 106 different countries. Why is this in the news now? Because the breach was addressed in a recent email from Facebook management. The email was accidentally sent to a Belgium-based news outlet and, in that email, they don’t seem too concerned.
The stolen information included phone numbers, Facebook IDs, full names, birthdates, location information, biographical information, and even some email addresses. But Facebook feels that there is no need to relay the info to users. And they don’t plan on changing their minds about it. In fact, the email indicates that they are looking to normalize this type of incident.
It was part of a feature that no longer exists. Users couldn’t fix it themselves, to they fixed the issue. With doubt around whether users would ever be successfully notified, Facebook did not feel that there was a way to ensure the situation was remedied any further. As they seem to see it, they addressed it on their end, and there was nothing the general public could really do. Seems like a “hey, what can you do, it’s going to happen” kind of response and they said as much in a blog post.
Seems Like Data Breaches are Normal Now
Yes, data breaches are so common now, it is no longer a surprise when a large breach hits the headlines. That is a problem, but when we stop reporting on it altogether, that makes it even worse. Are we admitting defeat? Or are we just saying that we’re ok living with it? Neither answer should be acceptable, and businesses should not be able to say that it is ok to be a part of their problem because it is just a “normal occurrence”.
Once the email was discovered how did Facebook react? They confirmed it was genuine and told the BBC: “We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it.” The spokesperson later added that LinkedIn and Clubhouse had also faced “data scraping” issues.
Look, it’s not just us, everyone has this problem.
But that doesn’t mean it is ok! We need to continually work together to ensure we are protecting our personal and professional information through safe cybersecurity practices. It isn’t something that we see as negotiable, especially when the statistics show how likely a small business is to not survive a data breach. Yes, data breaches are becoming the norm, but that doesn’t mean we have to accept that as the new normal.