The social media site Facebook is reviewing a report which stated that a database consisting of the personal data of over 267 million users was released online. The personal data contained the names, user IDs and phone numbers of these users who are mainly based in the US.
Facebook told French news agency AFP that they are “looking into the issue” but stated they believed the data was gained before the site made changes “to better protect people’s information”.
Comparitech stated on a blog post that an online hacker forum was the site of the database which has likely been shared amongst crime groups interested in downloading the information.
Comparitech, a UK technology news database, said the database was found on the site by Bob Dianchenko – an independent security researcher who said it was readily available. The database was first indexed on the 4th December and was then situated on the site as a download on the 12th December. As of the 19th December the database has been unavailable.
The announcement of this leak comes as Facebook aims to restore trust amongst its users over the safety of their personal information following a few years of heavy concerns regarding the security of the site.
Jamal Ahmed, Fellow of Information Privacy and Director of Kazient Privacy Experts commented on the breach saying that,
“The GDPR requires all organisations to put in place technical and organisational measures to protect the personal information they are handling.”
He continued to say,
“It is very distressing to learn that Facebook may have neglected to put these measures in place on such a scale.”
This month, it was found by the Federal Trade Commission that Cambridge Analytica had misled Facebook’s users about how they used their personal information. In recent years, the now nonexistent firm has been in the middle of a huge data hijacking scandal with the social media site. Facebook were made to pay a record fine of almost £4billion after an agreement with the regulator concluded that the site had mishandled personal information.
The FTC’s inquiry launched in 2018 determined that Cambridge Analytica “engaged in deceptive practices to harvest personal information from tens of millions of Facebook users for voter profiling and targeting.” Research from Facebook itself showed that data from almost 90 million users were jeopardised by the site.
Cambridge Analytica were found to have been misleading by suggesting users take “personality quizzes” and assuring them that no personal information would be downloaded or stored. This case initiated a scandal over data protection as Cambridge Analytica were found to be using this information to create “psychological profiles” of Facebook users.
Kazient Privacy Experts offer bespoke Data Protection, Privacy and GDPR compliance solutions in a language you understand to UK and international organisations, and has received positive media coverage across Europe. Kazient’s GDPR consultants are fully certified to be your outsourced Data Protection Officer or EU Representative. Get in touch to find out how we can help your business by visiting our website www.kazient.co.uk or calling us on 0330 022 9009.