• Skip to content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Cyber Threat Defense

Cyber Security News

You are here: Home / Data Breach / Facebook – “Malicious Actors” Discover Identities on Two Billion Users

Facebook – “Malicious Actors” Discover Identities on Two Billion Users

April 7, 2018 By News Team Leave a Comment

On Wednesday, Facebook said that “malicious actors” had taken advantage of search tools on its platform, allowing them to discover the identities of most of its 2 billion users, and collect information about them. The abuse of Facebook’s search tools, now disabled, happened over several years on a widespread basis, with very few of its users avoiding being caught up in the scam, company officials said.

It began with malicious actors harvesting email addresses and phone numbers from the Da­rk Web, and using them to feed into Facebook’s “search” box, letting them discover the full names of people linked to the phone numbers or email addresses and then view their public profiles. In a blog post Wednesday, the company said, “Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped.”

Users could have blocked this search function, however, it was the default position for users, and research has consistently proven that users of online platforms infrequently alter default privacy settings, and typically do not understand what information they are sharing.

The hackers also took advantage of the account recovery function on the platform and pretended to be legitimate users who had forgotten their account details, which also directed the hackers to public profiles and any information found there.

Facebook did not say who the malicious actors might be, or how the data may have been used. However, experts on cybercrime say that names, phone numbers, email addresses and other personal data offer a foundation for identity theft and other malevolent online activity.

The revelation came out amid the recent Cambridge Analytica scandal, which has revealed that the political consultancy firm hired by President Trump’s campaign and other Republicans, improperly gathered detailed information on 87 million people via Facebook, 71 million of whom were Americans.

The company has been dealing with the fallout of how the data of so many Americans found itself in the hands of Cambridge Analytica, a British-based firm. The reports initially sent the company’s stock price tumbling and have spurred political investigations in the United States, Europe and beyond. Australia and Germany have recently threatened or launched investigations into the misuse of foreign users’ data. India (Facebook’s biggest market) has asked for more detailed information from Facebook and Cambridge Analytica, with a Saturday deadline. Mark Zuckerberg is set to testify in front of Congress in a series of hearings next week.

Meanwhile, a widespread debate about privacy and ethics in relation to social media is also occurring in Europe, which has long sought ways to rein in U.S. tech giants, and may finally lead to greater regulation, forcing tech companies to implement broader changes to protect customer data worldwide. The new revelation that “malicious actors” had been able to discover the identities and collect data of most of its two billion global users will no doubt add flames to the worldwide debate.

Filed Under: Data Breach, Data Theft Tagged With: Australia, Cambridge Analytica, dark web, data breach, Europe, Facebook, Facebook public profile, Facebook search, hackers, India, malicious actors, President Trump, regulation, U.S.

Primary Sidebar

Recent Articles

  • How Profits Inspires Virus Developers
  • What’s Propelling A10 Networks Inc (NYSE: ATEN) After Higher Shorts Reported?
  • FacexWorm Targets Facebook Messenger
  • Cisco Systems Webex Flaws Allows Remote Users To Execute Code
  • Europe sees Radical Drop in DDoS Attacks Since Seizure of Webstresser Site

Categories

  • Application Security
  • Bitcoin
  • Bot Defense
  • Browser Security
  • Business Models
  • Critical infrastructure
  • Cryptocurrencies
  • Cryptojacking
  • Cryptomining
  • Cybercrime
  • cybersecurity
  • Data Breach
  • Data Theft
  • DDoS
  • Endpoint Security
  • Espionage
  • Feature
  • Firewall
  • Fraud
  • Government
  • Hacking
  • Hacking Tools
  • IoT
  • Layer7
  • Leaks
  • Malware
  • Mining
  • Mobile security
  • Point of Sale Devices
  • Quantum Encryption
  • Quantum Security
  • Ransomware
  • Routing
  • Uncategorized
  • Vault7
  • Vault8
  • Vulnerabilities
  • Wikileaks

Secondary Sidebar

Cyber Threat Defense.net | Copyright © 2019 All product names, logos, and brands are property of their respective owners. All company, product and service names used on site are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.