Are the terms “Facebook” and “privacy violation” becoming synonymous? It would almost seem that way, with millions of users skeptical that the social media giant does enough to protect their sensitive personal information due to ever-changing security settings. And now, data breaches.
Just months after Facebook admitted that malware breached its developers’ systems, yet another serious data breach happened last week and affects six million users. The mixup was a result of a glitch between “People You May Know” (friend suggestions) and “Download Your Information” (an archive of your Facebook history). The breach left the email addresses or telephone numbers exposed for six million people for an entire year.
Facebook released the following statement that includes the startling admission that it’s unable to keep consumers’ data safe all the time:
“Even with a strong team, no company can ensure 100% prevention of bugs, and in rare cases we don’t discover a problem until it has already affected a person’s account. This is one of the reasons we also have a White Hat program to collaborate with external security researchers and help us ensure that we maintain the highest security standards for our users.
We recently received a report to our White Hat program regarding a bug that may have allowed some of a person’s contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them.
Describing what caused the bug can get pretty technical, but we want to explain how it happened. When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. For example, we don’t want to recommend that people invite contacts to join Facebook if those contacts are already on Facebook; instead, we want to recommend that they invite those contacts to be their friends on Facebook.”
Of course, Facebook is not alone. Twitter admitted that hackers compromised 250,000 accounts. LinkedIn also had a major security snafu last year when the passwords for 6.5 million LinkedIn accounts were stolen and published online.