Brace Yourselves. Facebook Has A New Mega-leak On Its Hands

It's a bit hard to follow. Hacking now has its own vocabulary and slang, and I'm not in on all of it. I guess the gist of it is that someone has a way to find the Facebook account for a given email address - in other words, if they have my email address they can find my facebook page. Offhand I'd say this might not be a big deal - my FB page is public anyway, I want people to find me. But maybe I'm missing something significant. It does sound like FB considers this a bug, if not an actual problem

I'm a little puzzled as well. What does "link Facebook accounts to email addresses" mean exactly? The article is poorly written frankly, it totally failed to explain why I should care. Maybe I should care maybe I shouldn't, maybe it's a big deal, maybe it's nothing, I have no idea after reading that article. One thing they did say is this is essentially the same as a previous bug, since the world didn't end then I guess I don't need to worry about it now.

My email address is on thousands of FB posts.... tens of thousands actually depending on how many shares. Been posting it forever.

I think it means someone wrote software to do this: take a list of email addresses snagged from some insecure web site, and use Facebook APIs to find the FB account (if any) associated with each of those addresses.

That's what I thought it meant as well, but I still don't know why I should care. What does knowing my email address + FB account gain anybody? Anybody that really wants to know could easily figure it out now anyway.

About 10, maybe 15 years ago a couple of university researchers (independently from one another at different universities) came up with algorithms that were demonstrated to accurately reconstruct PII (personally identifiable information) by combining scrubbed databases from medical research and other sources. In other words if your medical or other data was scrubbed of PII and used in a study or research, it could be put back together to fully identify you. Scary right? Yet nothing really came of it.

That said this is far more benign. What are we bracing ourselves for? The article doesn't say. What can they do with my email address? Send me more spam?

If I have just your email address there's no simple way for me to find out if you have a FB account - or if so what name your using for it. But apparently FB made an API available, such that I could write code to search FB for an account with a given email address.

It's that FB keeps leaking information, this time what they tell you that they will keep private ... and this specifically is what spammers look for. If you don't care if your life online is private than stay on Facebook. ... that is what this means.

Frank, any website that has your data is vulnerable to attack. The only way to be perfectly safe is to stay off the internet altogether...and never order anything by phone either, or by mail. Actually, even that wouldn't be totally safe, your utility companies, your bank, your mortgage company etc, etc are all connected to the internet. That cat has been out of the bag for more than 20 years. Chances are there are dozens, maybe even hundreds of internet connected databases out there that have your personal info on them. Yes, FB has it's problems, but so do all of them, focusing on one website accomplishes nothing. About the only thing you can do is get a subscription to an identity protection service.

It's one more black eye for FB and their cavelier attitude to privacy, at a time when federal regulators have them in the crosshairs.

Exactly Jim!

It was last reported that the personal data of more than half a billion Facebook users has leaked online. The leak includes personal information on 533 million users, such as phone numbers, Facebook IDs, full names, locations, birth dates, bios, and email addresses.
https://www.theverge.com/2021/4/4/22366822/facebook-personal-data-533-million-leaks-online-email-phone-numbers

According to Business Insider, a Facebook spokesperson has claimed "the data was scraped due to a vulnerability that the company patched in 2019." It appears that Facebook tried to sweep this massive data breach under the rug.
https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4

If you still have a Facebook account, be sure to change your password!

. . . or better yet . . . Delete Facebook!

After someone in Missouri collected two unemployment checks against my SS number about four years ago, I got a credit monitoring account for 10 bucks a month. It's paid for itself since it found a few breaches on websites in which I was not active, so I just closed my account on those two websites.

By the way, Yahoo is really bad. After having my Yahoo email hacked TWICE including a business account my boss had for all of us as a backup, I deleted that account 9 years ago when I switched employers.

I'm not going to worry too much about FB. I guess I could go in and change my password.

The inventor of the internet seems concerned ...

"Billions of users have happily handed over their data to big tech companies – doesn’t that show web privacy isn’t a real issue for most people? ...

Most people in their day-to-day lives aren’t worrying about their privacy, but every now and then something happens like the Cambridge Analytica scandal. After things like that, people on the street may be worried that they’re part of a system which is manipulating elections, for instance. And when they’re offered more privacy-preserving alternatives they may become even more aware. ....

Every time something horrible happens with one of the large social networks, a whole bunch of people move over to networks like MeWe that don’t do anything with your data."

https://www.sciencefocus.com/future-technology/interview-web-inventor-tim-berners-lee-thinks-his-creation-is-out-of-control-heres-his-plan-to-save-it

People accept Facebook's behavior because they don't directly experience negative consequences. Even if you're hit with identity theft, you never find out how it happened or what company was responsible.

I don't know how one could not experience the negative effects of Facebook.

Although a necessary evil for selling, it's almost intolerable on so many levels, my list what should change on FB would never end if I actually cared to make a difference there, but I'm willing to let it go.

Great thread Frank.

Like many people I've been thinking about Facebook lately. They can't decide what they're supposed to be, what content to allow, and how to police that content - it's a huge technical problem and not the simple matter many people think it is. Besides the issue of offensive or dangerous content, their basic business model is under increasing pressure. People are getting more aware of, and resentful of, the endless data collection. And we all agree the quantity of ads has gone over the top. To keep investors satisfied that have to keep generating more ad revenue, meaning more data collection and more ads. And this obviously can't go on forever.

Watch the Social Dilemma on Netflix.