Facebook Won’t Notify Their Vulnerable 500 Million Users
Facebook was hacked back in 2019 and leaked 533 million users’ information. Last weekend, this information was shared and posted online. This data includes phone numbers, email addresses, and birthdays; thankfully, Facebook did not leak their user’s social security numbers or credit card information. When asked what Facebook would do about this massive information leak, Facebook reported that they do not want nor plan to notify their users if their information had been leaked.
Facebook claims that the data was scraped off of people’s public profiles with Facebook’s “contact importer feature” in 2019. They quickly changed their program in order to stop this kind of malicious activity from happening again. In a post on Facebook’s about page, Project Management Director Mike Clark said that Facebook had updated to prevent people from using software to “imitate [their] app and upload a large set of phone numbers to see which ones matched Facebook users.” This meant that Facebook lookalikes would no longer be able to match their stolen phone numbers to their corresponding user.
While this may prevent any future data leaks from occurring, there are still half a billion users who got their information leaked. Even if the data was from 2019, it still exists and is publicly available for people with bad intentions. Facebook claims that there is no way for them to find which specific users were affected, which is why they don’t plan to notify their users who could have been affected. They instead released a new help center webpage. This webpage explains that the leaked data was all public profile information anyway; if someone had allowed everyone to see their page when the data leak had occurred, only the information on the Facebook page was leaked. Nothing that was shared among family and friends was leaked, thankfully.
Facebook has reported that they are working diligently at the moment to remove this shared data from the internet. They also want to pursue and stop anyone who plans to misuse this public information for their own personal gain. People are able to check if their information has been leaked by visiting haveibeenpwned.com, a website developed by Troy Hunt.
By Nathan Park