Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Facebook Social Networks IT Technology

Facebook Does Not Plan To Notify Half-Billion Users Affected by Data Leak (reuters.com) 22

Facebook did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said on Wednesday. Reuters: Business Insider reported last week that phone numbers and other details from user profiles were available in a public database. Facebook said in a blog post on Tuesday that "malicious actors" had obtained the data prior to September 2019 by "scraping" profiles using a vulnerability in the platform's tool for synching contacts. The Facebook spokesman said the social media company was not confident it had full visibility on which users would need to be notified. He said it also took into account that users could not fix the issue and that the data was publicly available in deciding not to notify users. Facebook has said it plugged the hole after identifying the problem at the time. Further reading: Facebook Says It's Your Fault That Hackers Got Half a Billion User Phone Numbers.
This discussion has been archived. No new comments can be posted.

Facebook Does Not Plan To Notify Half-Billion Users Affected by Data Leak

Comments Filter:
  • Come on GDPR (Score:5, Insightful)

    by john83 ( 923470 ) on Wednesday April 07, 2021 @05:15PM (#61248814)
    What use were all those damned cookie notices if you can't rip facebook a new one for this kind of nonsense?
  • by beepsky ( 6008348 ) on Wednesday April 07, 2021 @05:17PM (#61248820)
    16506447386, 4, Mark, Zuckerberg, male, Palo Alto, California, Dobbs Ferry, New York, Married:Chan Zuckerberg Initiative, 1/10/2019 12:00:00 AM, 05/14/1984

    First number should be his phone
  • by Fly Swatter ( 30498 ) on Wednesday April 07, 2021 @05:19PM (#61248828) Homepage
    If you want your data somewhat private, don't go posting it on public facing pages that scrapers can get to - which is all of them that are on the internet.

    -Dupity Dupity.
    • by schwit1 ( 797399 )

      What about people who don't have FB account but their PII was on someone's FB account?

    • Yup, I can't believe this thing survives. It's like the zombie of dotcom that just won't die.

      I gave up on FB around four years ago, and get by perfectly well without it. My wife still uses it but she has noticed that people are not that open about sharing anymore, and most of it is pretty boring mundane things. She never posts any more. Also, ads. There is a ridiculous amount of advertising on her feed. If she wants to connect with anyone she uses a messenger app.

      I just can't understand how Zuckerburg keeps

    • by classiclantern ( 2737961 ) on Wednesday April 07, 2021 @09:55PM (#61249462)
      What are you talking about? I didn't give Facebook my name, birth date, phone number, IP address, photo, or any useful data whatsoever. I'm reasonably sure Facebook has a file on me gathered from third party sources (idiot friends). I can't delete it because I don't have a Facebook account. I've tried. I can't delete my Facebook file without giving Facebook identifying information, which I won't do. My only hope, and desire is when corrupt politicians force Facebook to delete ALL the collected data of non-subscribers. As long as Zuck has money to bribe these jerks the public will be targets for every scammer on the planet. No big deal. Go back to watching YouTube videos of cats.
  • If they don't do anything to notify users, there could be another class action lawsuit against them, especially since they are just now reporting this. They are the ones who made it easy to scrape data. Maybe they they got paid to allowed this to happen.

  • by sdinfoserv ( 1793266 ) on Wednesday April 07, 2021 @05:40PM (#61248878)
    PII or "personally identifiable information" is what triggers legal notification of a breach in most states. If this data “leak” does not include name + SSN, drivers license or state ID, or financial account information there are no laws requiring disclosure.
    https://www.ncsl.org/research/... [ncsl.org]
    • by what2123 ( 1116571 ) on Wednesday April 07, 2021 @05:49PM (#61248896)
      Good thing if you're in the EU as GDPR covers PI and it's much more broad than the US definition of PII.
      • But this is just phonebook data.
        • I dont think GDPR cares as long as it's in a visible state online. Not sure how phone books are in the EU but since that's typically physical.media GDPR wouldnt apply except back to the company that originally processed and controlled that data assuming on computer somewhere. PI =!= PII
          • GDPR applies to all data stored and processed by businesses, not just data held on computers.

            The law was designed to be 'technologically neutral' to prevent it becoming outdated by changes in technology.

        • And you have a right to be unlisted. Likewise it's phone book data from a company whose job is not phone books, so it's a reasonable expectation that they would not disclose it as such.

  • by wfgilreath ( 5990630 ) on Wednesday April 07, 2021 @06:07PM (#61248944)
    Here's an article about resources to check if you are exposed... https://www.theverge.com/22367... [theverge.com]
  • Iâ(TM)d argue that Facebook and privacy are the opposite ends of the spectrum. Having data leaked simply means Facebook shared your data with yet another party.

    Facebook wonâ(TM)t do anything to make users aware of leaks or privacy issues unless law or App Store rules require them to do so. Though, they will put up a fight first.

"Someone's been mean to you! Tell me who it is, so I can punch him tastefully." -- Ralph Bakshi's Mighty Mouse

Working...