Facebook Data Breaches in 2019

Facebook Data Breaches in 2019

Name

Institution

Digital companies have been faced with major challenges, which include access to information by third parties, which is contrary to the existing operational guidelines. Social networking companies have access to crucial personal information of the users. However, based on the operational standards of these companies, such private and confidential information is censored and only accessible by the owner (Leetaru, 2019). However, there have been challenges considering the reports that private details of the subscribers have been accessed by third parties, which is illegal and contrary to the federal laws and the underlying operational standards. Facebook is the largest social networking company in the world, which means that it has access to billions of users around the globe. In 2019, Facebook saw one of the most significant security breaches when personal information, including passwords belonging to more than 540 million accounts, were exposed.

Data security in digital platforms has become a major challenge that requires organizations to implement definite measures that can help in promoting change and overall attainment of total security through a focus on the current trends within the industry. Facebook is a company that has come under pressure in recent years due to its inability to protect the private and confidential information of its subscribers from being accessed by third party users (Ayaburi & Treku, 2020). The Federal Trade Commission fined the company $5 billion after the company was found to have allowed political consultancy Cambridge Analytica to illegally and improperly access the private information of more than 50 million Facebook users. Facebook had signed a consent decree from a previous investigation of the Facebook contact in 2012 after the company had agreed to implement better policies to protect user privacy and abide by its terms and conditions (Burcham, 2019).

Facebook has faced many challenges through 2019, which have created a significant loophole on the ability of the organization to adequately protect its user’s personal information. In March 2019, Facebook admitted that since 2012, it did not sufficiently safeguard and secure the passwords of almost 600 million users. The passwords were stored in plain text and were easily accessed by more than 200,000 of the company’s employees, presenting a serious ethical concern for the subscribers. Despite the promise of a safe and secure platform, the company did not sufficiently protect the passwords of its users (Glassman, 2020).  Storage of the passwords in plain text means that there is no encryption to the data making it vulnerable to many individuals. It is difficult to control the integrity levels of more than 200,000 since it is impossible to regulate the level at which information is being accessed. The integration of reliable security systems would have played a central role in creating a positive system through which there would have been easy to manage user information (Hundreds of millions of Facebook user records were exposed on Amazon cloud server, 2019).

In April, in yet another addition to the previous information that was made available, it was identified that two third-party applications that hold Facebook datasets were exposed to the public online with over 540 million records, including account names, Facebook ID, and user activity. The second application disclosed passwords of Facebook users, photos, groups, check-ins, and other information involving  Facebook users. The two third party applications included the Cultura Colectiva, which is a Mexico based company. The company had 146 gigabytes of information collected from Facebook of over 540 users. The information that was captured by the company included comments, likes, account names, reactions, and user activities. The availability of such information can be utilized in different ways by other users. They might use it based on their own needs rather than presenting a clear structure that helps in implementing change and overall commitment (UpGuard, 2020).

Another application that was exposed was the Facebook integrated app that was titled ‘at the pool,’ which was exposed to the public through the Amazon S3 bucket. The database contained more detailed information about Facebook users, including interests, user friends, Facebook events, passwords, Facebook groups, chats, and other useful information that was highly structured for ease in sharing (Cbs, 2019).

The exposure of personal information presents a different perspective, which offers the continued inability of Facebook to protect its user information.  The major challenge, in this case, is that it is not clear whether Facebook knows about the ease in which third parties are breaching its operational protocol to access user information. It is also not clear whether it is Facebook through underhand dealings that are providing third parties with private and confidential information about its users (UpGuard, 2020). It is difficult to verify the efforts that the company is doing to control such breaches or exposing the company operations to companies that are seeking to have such information for business, criminal, or political reasons.

Besides, Facebook, through its subsidiary social site WhatsApp reported that hackers had exploited an existing flaw in its apps voice call feature and installed surveillance software on user’s smartphones in both iOS and Android systems. The company reported that the action could have impacted more than 1.5 billion WhatsApp users globally. The company reported that spyware technology that was created by the NSO group had infiltrated WhatsApp and tampered with user’s smartphones (Burcham, 2019). The compromise made showed that the spy app that had been installed could control the phone’s camera and microphone, which could easily switch on and off at will without the user consent as well as a spy through personal emails, messages, and collect user location data. The NSO offers surveillance technology to many governments in monitoring and fighting terrorism and cybercrime (Hundreds of millions of Facebook user records were exposed on Amazon cloud server, 2019).

The existing primary concern has been the inability to know the extent of the breach to develop countermeasures and control such actions. The vulnerability of personal information brought by systems and networks that individuals join present a difficult situation where it would be possible to be 100% secure. The fact that independent companies can access controlled systems and compromise the existing data makes it difficult to trust any of these systems that have been developed (Glassman, 2020).

The risk of personally identifiable information (PII), reaching cybercriminals through the negligence of the company, greatly exposes personal security and the ability to define an improved focus on safety and overall protection.  The chances of information reaching dark webs are high and preset a difficult context where it is possible to target independent users despite the promise of data security by the company with strong terms and conditions identified.

The inability of Facebook to control access to personal information from users presents a difficult situation which shows the need to embrace more struct security interventions for improved security control. Encryption is one of the standard financial information management that embraces major approaches that help improve the privacy of information (Gerrish & Idi, 2019). An organization must take bold steps in protecting its clients from information fraud where their private information can be hacked through security breach and lack of protection.

Encryption of data focuses on both the confidentiality and privacy of information. Protection of data occurs at different stages, which can be highly vulnerable to breach considering the likelihood of security gaps. Encryption focuses on the protection of information while in transit over a network or through internal sharing of information. Major strategies that are incorporated in this case must emphasize on the need to improve information management as well as quick retrieval for authorized personnel (Burcham, 2019).

The existing challenges mean that many gaps are currently existing within the technology industry, especially social sites where third party organizations and refining user information and sharing with other platforms for personal use. The constitution is evident in need to protect personal information and avoid creating gaps that can be easily exploited by cybercriminals and sell in the dark webs (Leetaru, 2019). The fact that a third party organization can install a spy app on user phones based on an application they are using presents a difficult situation within which the whole system needs re-evaluation and integration of the modern security information management systems (Adedeji, 2019).

Data management in the current technology environment has been a significant challenge in improving the quality of service delivery. Data loss prevention systems that are embraced by financial departments emphasize on companies having total control of its data and its safety from cyber-attacks and internet thieves.  The sensitivity of the company’s financial data makes it a key target for cybercriminals. The frequent data breaches by Facebook present a challenge to society at large, especially when looking at the quantity of information that the company has on individuals across the world. The company needs to step up its emphasis on security management and control data breaches and improve user trust.

References

Adedeji, A. T. (2019). Facebook Privacy Crisis and its Impact on Organizational Trust (Doctoral dissertation, Mount Saint Vincent University).

Ayaburi, E. W., & Treku, D. N. (2020). Effect of penitence on social media trust and privacy concerns: The case of Facebook. International Journal of Information Management, 50, 171-181.

Burcham, J. (2019, May 14). WhatsApp Vulnerability Spies on Users. Retrieved from https://www.fightingidentitycrimes.com/whatsapp-vulnerability-spies-on-users/

Cbs. (2019, December 20). Facebook Security Breach As Millions Of Accounts Exposed Online. Retrieved from https://miami.cbslocal.com/2019/12/20/facebook-security-breach/

Gerrish, C., & Idi, S. (2019). Facebook Under Attack? Privacy–Europe’s Way of Waging War on US Giants?. The Journal of Social Media in Society, 8(1), 271-278.

Glassman, D. (2020). Facebook is creating records—but who is managing them?. Archives and Manuscripts, 48(1), 45-58.

Hundreds of millions of Facebook user records were exposed to the Amazon cloud server. (2019). Retrieved from https://www.cbsnews.com/news/millions-facebook-user-records-exposed-amazon-cloud-server/

Leetaru, K. (2019, March 23). Facebook’s Password Breach Suggests The Public Sees Cybersecurity As Obsolete. Retrieved from https://www.forbes.com/sites/kalevleetaru/2019/03/23/facebooks-password-breach-suggests-the-public-sees-cybersecurity-as-obsolete/#7accb06f3e24

UpGuard. (2020, March 11). Losing Face: Two More Cases of Third-Party Facebook App Data Exposure. Retrieved from https://www.upguard.com/breaches/facebook-user-data-leak