Expert Comments

Expert On Facebook Was Repeatedly Warned Of Security Flaw That Led To Biggest Data Breach In Its History

Expert(s): Security Experts
Expert(s): Security Experts

The Telegraph is reporting Facebook knew about a huge security flaw that let hackers to steal personal data from millions of its users almost one year before the crime, yet failed to fix it in time. Legal documents show that the company was repeatedly warned by its own employees as well as outsiders about a dangerous loophole that eventually led to the massive data breach in September 2018. Despite this, the loophole remained open for nine months after it was first raised, leading employees to later speak of their “guilt” and “hurt” at knowing that the attack “could have been prevented”. The breach, which involved stealing digital access tokens used by Facebook to verify users’ identity without needing their passwords, exposed the names, phone numbers and email addresses of 29 million people and a host of more intimate data for 14 million accounts.

Experts Comments

February 11, 2020
Javvad Malik
Security Awareness Advocate
KnowBe4
All organisations knowingly, or unknowingly make risk-based security decisions. There are inevitably more vulnerabilities and issues which need fixing than there are resources, so there will always be some issues which will take priority over others. Even when something appears to be a 'simple' fix, like a patch, it can take significant resources to test and validate that the fix won't have any unintended consequences which impact other systems or open up another, more serious vulnerability. .....Read More
All organisations knowingly, or unknowingly make risk-based security decisions. There are inevitably more vulnerabilities and issues which need fixing than there are resources, so there will always be some issues which will take priority over others. Even when something appears to be a 'simple' fix, like a patch, it can take significant resources to test and validate that the fix won't have any unintended consequences which impact other systems or open up another, more serious vulnerability. With that being said, Facebook is unlike the majority of organisations in the world. It has vast amounts of highly sensitive and personal information belonging to its users and it should take all measures possible to protect its users' information. Be that from inadvertent, or deliberate misuse, either from a legal, or ethical perspective. Such leaks from Facebook are a treasure trove for people with ill intent, something that came to light with the Cambridge Analytica event.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Data Hacked For 400,000 LA Patients

IKEA Suffering Ongoing “Reply-Chain” Email Attack

Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication...

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Panasonic Becomes Latest Victim Of Data Breach – Security Expert...

Clearview’s £17 Million Fine For Processing 10+ Billion Images Is...

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts