02 October 2018
Facebook, the social media giant is set to face a fine of up to £1.25 billion after revealing that 50 million user accounts were compromised on Tuesday 25 September, with affected users being notified via their Facebook accounts.
This recent data breach has been established as the largest security breach Facebook have faced. It is also one of the more severe breaches, as the hackers obtained “access tokens”, which are a form of security key allowing users to browse Facebook on numerous devices without entering a password.
Obtaining these “access tokens” allowed the hackers to gain full access to a user’s account, including third party applications.
Facebook’s CEO, Mark Zuckerberg addressed the security breach, stating:
“I’m glad we found this and fixed the vulnerability. But it definitely is an issue that this happened in the first place. I think this underscores the attacks that our community and services face.”
Facebook also revealed that the hackers took advantage of the three bugs within the “view as” tool, which was put in place in July 2017, which allows users to view their profile as others see it. Facebook have urged anyone who utilised this tool to log out of their accounts, to allow those user’s access tokens to be reset in order to protect their account. The number of users that were urged to follow this procedure came to a total of around £40 million.
In the event that any European users were affected, Facebook were required to notify the data protection authorities within 72 hours of the breach, in order to comply with Europe’s General Data Protection Regulation (GDPR).
The Irish Data Protection Commission were also notified, clarifying their concern in an email statement:
“this breach was discovered on Tuesday and affects many millions of user accounts, but Facebook is unable to clarify the nature of the breach and the risk for users at this point.”
Facebook’s Vice-president of product management, Guy Rosen confirmed that the security breach is currently under investigation, with the assistance of the FBI.
Rosen commented that the perpetrator’s expertise would have been at a high level, due to the complexity of the breach, however he stated that:
“The investigation is early, and it’s hard to discover who is behind this. We may never know.”
If you have been the victim of a data breach, we can assist you with a compensation claim.
Contact us for assistance on 0151 659 1070.
This article is provided free of charge for information purposes only. It does not constitute legal advice and should not be relied on as such. No responsibility for the accuracy and/or correctness of the information and commentary set out in the article, or for any consequences of relying on it, is assumed or accepted by any member of the law firm.
To find how our friendly and knowledgeable solicitors can help you, contact us today.
Make a free enquiry - Call now - 0151 659 1070