WILL OREMUS - Facebook Can’t Say Why Users Should Still Trust It
On Friday, Facebook announced
a massive security breach—probably the most significant in its history.
Taking advantage of three separate bugs in tandem, hackers gained full control
of at least 50 million users’ Facebook accounts. That meant that, in theory,
the users could do just about anything on those accounts: post status updates
for you, download your photos, send messages to your friends, download your
friends’ nonpublic photos, and much more. Facebook confirmed later on Friday
that the breach would have also given hackers access to users’
accounts on third-party apps and websites for which they used their
Facebook credentials to log in.
Facebook executives
said in a call with reporters Friday afternoon that the company had learned of
the attack on Tuesday, notified law enforcement on Wednesday, and had fixed the
bugs by Thursday night. But Facebook doesn’t know yet who the hackers were,
what they were after, or what they planned to do with any information they
might have stolen.
We should learn more
in the coming days and weeks about the extent of the breach and the nature of
the damage. No doubt the company is investigating it urgently and sincerely.
Unlike some other companies that have been the subjects of huge data breaches
in recent years, Facebook has always had a reputation for taking infosec
seriously. That it hasn’t suffered more breaches like this before now (that we
know of), given what an attractive target it presents to hackers, is a tribute
to its efforts.
But this attack was so
sophisticated that Facebook’s vice president of product, Guy Rosen, said “we
may never know” who perpetrated it… read more:
https://slate.com/technology/2018/09/facebook-data-breach-zuckerberg-trust.html