Shocking details reveal more than 80M Facebook accounts breached
When Facebook- Cambridge Analytica breach came to light, it was reported that over 50 million accounts have been violated to extract personal data without user consent. However, Facebook has dropped a bombshell that Cambridge Analytica might have violated over 87 million accounts, a number which is 74% greater and alarming than the previous estimate.
The Chief Technology Officer of Facebook, Mike Schroepfer has published a blog post that indicates that most of the 2 billion user accounts of the social network have their data scraped by malicious actors that used a search feature to find profile pages. Facebook has now disabled the feature that allowed data scraping through the site’s search function.
Most of the 2 billion user accounts of the social network have their data scraped by malicious actors.
The search tool of Facebook previously allowed anyone to look up the public profile information of any user of Facebook by searching the respective email address or contact number. The publicly available information generally included gender, birthdate, education, workplace, location, that can be violated for identity theft, credit card fraud, and altering political persuasions. According to Schroepfer, the feature was useful when it was difficult to type in the full name of a user. However, the feature was abused to find personal details on potentially billions of Facebook users. After disabling the feature, Facebook is also making changes to account recovery option to reduce the risk of scraping.
Cambridge Analytica got their hands on illegally attained data through an app written by a university researcher. While only 270,000 Facebook users installed the app, the app was able to gather data on millions of their friends due to the Facebook data sharing policy at that time. Facebook is now deploying safeguards to protect user data. In the past couple of days, Facebook has put an end to targetted ads using emails attained without consent and no more allows third-party applications to access user data.