The Telegraph is reporting Facebook knew about a huge security flaw that let hackers to steal personal data from millions of its users almost one year before the crime, yet failed to fix it in time. Legal documents show that the company was repeatedly warned by its own employees as well as outsiders about a dangerous loophole that eventually led to the massive data breach in September 2018. Despite this, the loophole remained open for nine months after it was first raised, leading employees to later speak of their “guilt” and “hurt” at knowing that the attack “could have been prevented”. The breach, which involved stealing digital access tokens used by Facebook to verify users’ identity without needing their passwords, exposed the names, phone numbers and email addresses of 29 million people and a host of more intimate data for 14 million accounts.
@Facebook was repeatedly warned of #security flaw that led to the biggest #databreach in its history in a #cyberattack that affected 29 million people via @Telegraph #data #datasecurity #cybersecurity https://t.co/i3IXwVDrSy
— MikeCassell (@MikeCassell22) February 10, 2020
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
