500 Million Records
Facebook-Megaleak: The group gives the users the debt
500 million records on Facebook users ended up straight in the network, including phone numbers and e-Mail addresses. The company is apparently nothing wrong. And pushes in a blog post, the buck prefer the users.
Phone numbers, names, email addresses and personal information of 500 million people – for everyone on the Internet to download. This is the appalling record of the last data leaks at Facebook. Now, the group has said in a blog post for the first Time to the backgrounds. And is apparently nothing wrong.
The entry of the blog post shows. “It is important to understand that malicious actors did not get the data that you have hacked our servers, but have you tapped from our platform,” says the group in the first paragraph. And then: “This is a method of automated Software public information from the Internet to pick up, which can then be used in this type of spread. The data, as suggested by the Post, so be have been always publicly available.
Just not to blame
The first, much to quibble consulting distinction between Hack and fishing is likely to be a Mistake. While in the case of a Hack Facebook the responsibility for the theft of the data would take would be for fishing, especially the users responsible. Finally, have offered their data publicly, the subtle insinuation. The tactic is not new: Even as Facebook about the data octopus Cambridge Analytica, indirectly, the Trump campaign with true-to-user information had been supplied, argued the group, in retrospect, in this way.
But the current case does not seem to be. After Facebook tried for several days to claim that the data would actually be scavenged from the well-known data leaks together, had to admit the group now that they were probably acquired in an access directly. “We believe that the data were tapped by means of the contact import tool from the profiles,” says the group in a blog post. This is actually meant to be “easy to find via the contact lists of his friends,” says the Post.
But a million friends on Facebook
This distracts from the actual Problem. It invites you to be a directory of addresses in the case of Facebook, high, compares the group with the own address book and supplies it with the right friends in the network. However, the attackers seem to have exactly this at the top of Facebook acclaimed feature for your purposes. “In the end, the attackers have created an address book with all the telephone numbers in the world, and then Facebook asked whether or not the ‘friends’ are in it for Facebook,” says security expert Mikko Hypponen. That is possible, but it is hardly the fault of the user but the group, which they have entrusted to the data.
The experts believe at least. “At which point Facebook has admitted:’ We have a bug in the System, and we have fixed it so that others are not affected?” said Ashkan Soltani, who was earlier technikk head of the US regulatory authority, the FTC, to “Wired”. “I don’t remember that Facebook would have ever done.”
It is mostly public data, the Leak for experts, is less dangerous. “It is simply wrong to believe that the gap was less dramatic, because it does not contain any passwords or other highly sensitive data,” said expert Zack All “Wired”. The phone number of the attackers had not only get the appropriate name to the number of Facebook. But on the profile of a number of other data about the case of fraud mesh use.
No new protection measures
An attacker could recover the contact tool data, knew that Facebook already for a long time: Already in 2017, he had warned the group against this possibility, reported Hacker Inti De Ceukelaire on Twitter. In a blog post he had described at the time, even how he could actually hidden numbers in the case of Facebook and make it visible. In fact, several users have objected to in social media, Facebook’s presentation, it’s only users with publicly viewable numbers were affected. “My Account has been closed since 2015. However, my data is contained in the gap of 2019,” complained about Pierre Abi-aad in Twitter.
How Facebook wants the data in the future to better protect, not to betray the group. You have changed the method used already in 2019. “While we can’t always prevent such data sets arise, go around, or new, we have a dedicated Team that takes care of exactly that,” says the group. Instead of informing the affected users, proposes to Facebook, however, is that to take care of yourself to the protection of your data. “It is always necessary to assess whether the privacy settings correspond to what you would like to share in public”, is Facebook with concern. “We recommend, therefore, to make the privacy-Checks and make sure everything is correct.”
Sources:Facebook, Wired, Vice, Twitter