What is the most galling thing about the latest Facebook data hack of 533m users’ personal data?
Is it that Facebook was warned as far back as 2012 about the data scraping vulnerability?
Or that Facebook intimated that it was the users own fault?
First, the facts, as best we know them.
As usual, Facebook wasn’t even aware they had been breached. A dataset of 533m Facebook user details appeared on a hacker forum last week with their phone numbers and other details.
Business Insider reported about the data breach on 3 April and since then Facebook hasn’t answered many journalists’ questions about how it happened. Instead, it pointed us to a blog post called “The Facts on News Reports About Facebook Data”.
It argues that “malicious actors obtained this data not through hacking our systems but by scraping it from our platform”.
So, it wasn’t “hacked” but the data was “scraped” by “malicious actors”. Then Facebook points out – taking a leaf from the ANC’s playbook whenever it is accused of corruption – that it was “previously reported” (it included a link to a 2019 Cnet article). It claims the exploit for the “content importer” tool used has since been fixed.
Facebook later admitted it hadn’t intended to tell users because it didn’t feel “confident” about which users were affected.
Then it argued that use users “could not fix the issue… [and] the data was publicly available”.
Then it offers what seems like benevolent advice, but – as always with Facebook – it passes the buck, this time to its own users.
“While we addressed the issue identified in 2019, it’s always good for everyone to make sure that their settings align with what they want to be sharing publicly. In this case, updating the “How People Find and Contact You” control could be helpful. We also recommend people do regular privacy checkups to make sure that their settings are in the right place, including who can see certain information on their profile and enabling two-factor authentication.”
All of these are, of course, true. But only Facebook could make out like the consumers were at fault – or it wasn’t at fault because the data was “public”.
Facebook is a currently valued at $885bn, after a six-month surge in its share price, and it has 2.8bn users. It didn’t tell its users, it won’t answer journalists about what happened and it won’t even tell the lead European regulator what happened.
The Data Protection Commission in Ireland said in a statement that Facebook did “no proactive communication”.
Not even former #Presidunce Jacob Zuma has acted with such impunity. There is a remote chance Zuma may go to jail – which he should for defying the Constitutional Court, if they stop pussy-footing around him and execute the lawful result of his ignoring the apex court’s order to appear at the Zondo commission – but CEO Mark Zuckerberg is unlikely to face consequences.
I was fascinated to hear the respected marketing guru Scott Galloway call Zuckerberg a “sociopath” on the New York Times’ Sway podcast.
It does sound like the appropriate moniker give the latest disregard and contempt Facebook has shown for its own users.
This article first appeared in the Financial Mail.