You’ve probably read the news that more than 500 million Facebook account details were posted on a forum. So we have been expecting an official statement, apology, or notification from Facebook, warning users about this and suggesting ways to protect your account. Well we finally got one. Sort of. While we did get official word from the social media giant, what we got was more of an explanation about how this happened but no apology for failing to protect its users’ data.
Facebook’s official statement or explanation of how this came about sounded a bit defensive if you really look at it. First off, they clarified that it was not because they were hacked that the data was compromised but it was due to “scraping” which happened back in 2019. They said that the leaked data came from the contact importer feature that supposedly lets you find friends on Facebook and their other apps through your phone’s contact lists.
Facebook clarifies that when they found out that malicious actors were using this feature to scrape user data, they updated it to prevent these characters from imitating the app and being able to upload large sets of phone numbers to match with Facebook accounts. They also said that the data scraped did not include financial and health information or users’ passwords. The reports about the published data said it included phone numbers, email addresses, and other important personal information.
While they did remind people to make sure their account is safe and secure, we’re not seeing any apologetic tone from this statement from Facebook. They also did not say that they will be informing users affected directly by this. They said they are working on getting this data set taken down but by now, other players have probably saved all the data and may be able to use this for their own nefarious purposes.
Data privacy watchdogs are keeping a close eye on this matter so there will probably be some regulatory actions filed if they can prove that Facebook was negligent on this matter. It doesn’t help that there have been previous data breaches that have soured regulatory bodies and the general public on Facebook, even as it still enjoys a large number of regular users.