Tag Archive for: Facebook breach

Facebook Breach: Zuckerberg Karma & Your Stolen Cell #

Facebook Breach

The Facebook Breach Might Not Be What You’re Thinking

How many Facebook user records were just breached? The answer might surprise you.

Zero.

That’s right, the 533 million records that were “scraped” off in the recent-headline-grabbing Facebook breach actually disappeared from their website in 2018 and 2019. Not 2021.

It’s just that Facebook never told us. Never notified us per standard procedure. We found out when the data was posted to a free hacking forum on the dark web.

The breach compromised the personal data of more than half a billion Facebook users including phone numbers, Facebook IDs, full names, locations, birth dates, bios and in some cases email addresses. Yes, that’s right, all of those spam calls you get on your mobile phone might be due to the Facebook breach. Even Facebook founder and CEO Mark Zuckerberg’s cellphone number was part of the hack!

Although the data has been floating around for two years, the way the data was sorted and posted on a free hacking forum this week makes it far more accessible for criminals to exploit. And, although some data for the affected people may have changed in two years, it could still be of value to hackers and cyber criminals like those who engage in identify theft.

What to do?

  1. Never put your real phone number, address or birthdate into Facebook in the first place. Use a Google Voice number if you must.
  2. Change your password in Facebook regularly, even though you no longer have to on most sites.
  3. If you turn on two-step logins, don’t give your cell phone number, as it will be breached. Give the Google Voice number.
  4. See if you were included in this hack by entering your email into HaveIBeenPwned.com. Do you see Facebook there? I hope not.
  5. When you’ve had enough, delete your Facebook account.

John Sileo is a cybersecurity expert, privacy advocate, award-winning author and media personality as seen on 60 Minutes, Anderson Cooper and Fox & Friends. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado.

Delete Your Facebook After Cambridge Analytica?

I’ve written A LOT about Facebook in the past.

  • What not to post
  • What not to like
  • What not to click on
  • How to keep your kids safe
  • How to keep your data protected
  • How to delete your account

ETC! Search specific topics here.

And personally, I’m ashamed of myself for knowing exactly how social networks like Facebook take advantage of users and our data, and yet still have a Facebook profile. I’m not just sharing my information, Facebook is also sharing everyone of my “friends’” Information through me. I’m currently thinking that the only way to protest this gross misuse is data is to delete my profile (which still won’t purge my historical data, but will stop future leakage).

And yes, I’ve written several times about how Facebook is allowed to sell your privacy.  Now, it turns out the practices I have warned about for years are taking over our headlines with a “little” news bit about how Cambridge Analytica has used data obtained from Facebook to affect the 2016 U.S. Presidential election.

Here’s a brief timeline:

  • In 2014, a Soviet-born researcher and professor, Aleksandr Kogan, developed a “personality quiz” for Facebook.
  • When a user took the quiz, it also granted the app access to scrape his or her profile AND the profiles of any Facebook friends. (Incidentally I was writing about why you shouldn’t take those quizzes right about the time all of this data was being gathered!  And, it was totally legal at that time!)
  • About 270,000 people took the quiz. Between these users and all of their friend connections, the app harvested the data of about 50 million people.
  • This data was then used by Cambridge Analytica to help them target key demographics while working with the Trump campaign during the 2016 presidential election.
  • Facebook learned of this in late 2015 and asked everyone in possession of the data to destroy it. (They did not, however, tell those affected that their data had been harvested.)
  • The company said it did, and Facebook apparently left it at that.

That takes us up to recent days, when The Guardian and The New York Times wrote articles claiming that the firm still has copies of the data and used it to influence the election.

What’s happening now?

  • Facebook has suspended Cambridge Analytica from its platform, banning the company from buying ads or running its Facebook pages.
  • The Justice Department’s special counsel, Robert S. Mueller III, has demanded the emails of Cambridge Analytica employees who worked for the Trump team as part of his investigation into Russian interference in the election.
  • The European Union wants data protection authorities to investigate both Facebook and Cambridge Analytica. The UK’s information commissioner is seeking a warrant to access Cambridge Analytica’s servers.

And what should you be doing?

Consider deleting your profile. I am. I’ve written about how to do that before and how to weigh deactivating your account versus deleting it. Consider carefully before making that choice.

Remember that the real illusion about Facebook is that there is anything significant we can actually do to protect our privacy. Facebook provides an effective privacy checkup tool, but it does nothing to limit the data that Facebook sees, or that Facebook decides to share with organizations willing to buy it, or even that hackers decide to target.

The data you’ve already shared on Facebook, from your profile to your posts and pictures is already lost. There is nothing you can do to protect it now. The only data you can protect is your future data that you choose to not share on Facebook.  Here are my suggestions for a few pro-active steps you can take right now:

  • Delete or deactivate your Facebook profile
  • Reread my post about Facebook Privacy from 2013—unfortunately, all of it still applies today!
  • Memorize this phrase: “Anything I put on Facebook is public, permanent and exploitable.”
  • Tell some little white lies on your profile.
  • And stop taking those quizzes!

John Sileo is an an award-winning author and keynote speaker on cybersecurity, identity theft and online privacy. He specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.