Website Hack Tracker 2014

If you’re still on Facebook with all your data at this late date, you pretty much deserve what you get.

The data was reportedly leaked in 2019, but that applies then too.

I’m downloading the USA extract now from some sketchy file sharing link on a Russian-language only Telegram chatroom, almost a gigabyte at <100K/sec. Once it’s leaked, it’s out there.

Covers 32m accounts in the USA, 3.5m Canada, 11.5m UK. My guess is the original attacker was in the Middle East, as Egypt (45m) and Saudi Arabia (28m) have a much larger percentage of their populations covered.

So Facebook and other companies who are negligent should have to pay for the problems they caused.

Everybody gets hacked. Problem with FB is due to its nature with the network effect, most people have accounts, so hacking that one site gets you everybody. It’s only 32m accounts in the US and I reckon at least 200m Americans have FB accounts. That said I looked up a bunch of my friends, family, and coworkers and a pretty good chunk of them were in there.

This is why I use a different name and address on every site. Problem is I guess FB requires a phone number too. I wouldn’t know as I’ve never had a FB account in my life. If I did I guess I’d use a Google Voice number, I have a bunch.

Anyway this wasn’t really a security issue. FB wasn’t lax with security, they were lax with privacy. They let you search by phone number with graph search and didn’t rate limit access. Not giving a shit about privacy is FB’s business model, anything that can help users connect is integral to it, so they’re highly resistant to adverse change.

why do people give facebook their phone number?

I read somewhere it required it? I dunno, I have never had a FB account.

(It’s like not watching TV, or going to Harvard. We mention it every chance we get.)

I don’t know if it was ever “required,” but I do seem to remember a time when it was hard to not give the app your phone number. They definitely made a hard push for the info.

80%+ of FB usage is mobile. I assume if you use their app on your phone they have your number, for “account recovery” or similar justification.

what

https://twitter.com/ericgeller/status/1382101128272359430

Oh, yeah, MS patched five zero days in Exchange Server today. All critical holes that the NSA let them know about.

I’m sure NSA just stumbled upon them

And I’m sure the NSA disclosed all the holes they know about.

:winkyface: