Facebook data leak revealed the phone numbers, addresses, and birthdates of Facebook users who used the service between 2018 and 2019 after the hacking of the platform on April 2021. Ireland’s Data Protection Commission fined Meta $276 million USD.
Shortly after learning of the leak, the DPC launched an inquiry to determine if Facebook conformed to the General Data Protection Regulation (GDPR) regulations of Europe.
Facebook data leak contained the full names, contact information, addresses, and dates of birth of users on the platform between 2018 and 2019. At the time, Meta said that the information was taken by a malicious party using a flaw that the firm addressed in 2019.
Meta was fined due to the Facebook data leak
The DPC has fined Meta three times already this year due to the Facebook data leak. In connection with a slew of 2018 data breaches that compromised the personal information of as many as 30 million Facebook users, the DPC penalized Meta $18.6 million USD in March for poor record-keeping. The European authority also fined Meta $402 million in September after looking at how Instagram handled the data of teenagers.
The DPC fined Meta almost $700 million in 2022; this does not include the $267 million fine WhatsApp paid for breaking European data privacy laws the previous year.
An unnamed Meta spokesperson stated:
We made changes to our systems during the time in question, including removing the ability to scrape our features in this way using phone numbers. Unauthorized data scraping is unacceptable and against our rules and we will continue working with our peers on this industry challenge. We are reviewing this decision carefully.
In a blog post from last year, the company described its efforts to combat data scraping, adding that its External Data Misuse (EDM) team is tasked with identifying, preventing, and blocking data scraping.
Facebook data leak explained
Facebook account holders were alarmed when it was announced that there had been a data leak in early April of last year. A billion and a half Facebook accounts were affected. Since the dataset is from 2019, it was available but not extensively distributed. The information began appearing for free over the weekend on well-known hacking sites.
In 2019, hackers used a flaw in Facebook’s Contact Importer tool to scrape Facebook data. According to the information provided, the users most likely employed Android emulators, which are programs that replicate an Android device on a computer.
They added, let’s say, 10,000 phone numbers to the simulated device’s address book, downloaded the Facebook mobile app, and then used the “import contacts” feature of the program to obtain the remaining information about those 10,000 phone numbers’ profiles. After wiping the device, they repeated the process with an additional batch of 10,000 phone numbers and the process kept going on.
How to protect yourself from possible Facebook data leaks?
Your phone number may still be at risk even if your Facebook login, email, or password information is not included in the Facebook data leak lists. There are simple steps you can take to protect yourself.
Change your profile information to private in your Facebook privacy settings
Hackers stole profile data that was shared with “Friends” or set to be “Public” during this intrusion. This data can be linked with data from other breaches and merged with it to gain access to even more of your personal data and accounts. To set your information private:
- Visit https://www.facebook.com/me/about
- Set your information to private using the ”lock” icon on the right side of he screen
Adjust who can contact you on Facebook
Another important step is to cloak yourself against hackers. To do so:
- Visit https://www.facebook.com/settings?tab=privacy
- Change the settings under ”How people can find and contact you”
By doing these, you can adjust who can search your name just by typing in the search box.
Change the PIN of your phone
SIM swapping is the process of a criminal taking control of a person’s cell phone number and then using that number to access that person’s email, social media, and even financial accounts. We recommend you change your sim card PIN periodically.
It looks like more news is going to come about the last year’s Facebook data leak. We hope the data leak did not affect you. To read more about Meta check out the article titled Why is Facebook laying off: Meta fires 11,000 employees
