Facebook’s September 2018 Data Breach and Why People Still Choose to Stay
Posted by Sarah Wai on Oct 5, 2018 11:37:49 AM
There has been a dramatic uptick in turmoil at Facebook in 2018 and the couple years previous, thanks to coordinated misinformation campaigns by foreign and domestic players alike, misuse of improperly collected information through Facebook’s third-party apps, and now the mass data breach that has affected over 50 million users.
You would think that Facebook accounts would be closing left and right, but that’s not the case.
Facebook’s Battle for Your Privacy and Protection
For the past couple of years, Mark Zuckerberg has had to defend and protect his beloved company on multiple occasions. Here’s a summary of what’s been happening that has led up to the latest issues at Facebook:
The Crackdown on the Spread of Misinformation and Fake Accounts
In April of 2017, Facebook released their whitepaper “Information Operations and Facebook”, where they stated:
"Civic engagement today takes place in a rapidly evolving information ecosystem. More and more, traditional forums for discussion, the exchange of ideas, and debate are mirrored online on platforms like Facebook – leading to an increase in individual access and agency in political dialogue, the scale and speed of information consumption, as well as the diversity of influences on any given conversation. These new dynamics present us with enormous opportunities, but also introduce novel challenges. In this context, Facebook sits at a critical juncture. Our mission is to give people the power to share and make the world more open and connected. Yet it is important that we acknowledge and take steps to guard against the risks that can arise in online communities like ours."
The point of releasing this whitepaper (which, unfortunately, the masses have not laid eyes on) was to acknowledge that their platform was being misused and that they fully intended to combat it through increased detection methods and the blocking of potentially harmful fake news.
Since then, Facebook has done an excellent job at cutting down the propagation of fake news and has shut down profiles and pages that had contributed to the debacle in 2016 and on.
Cambridge Analytica and Their Unethical Data Collection
When Cambridge Analytica entered the world of politics, they wanted to provide an edge to their clients, so they began collecting personal Facebook data to help their analysts build psychographic profiles that would identify particular people. Their target psychographic profiles were, as the New York Times put it, “a neurotic introvert, a religious extrovert, a fair-minded liberal or a fan of the occult.”
What many people don’t understand or know about this unethical use of data is that it was not a data breach. Everyone involved had given their consent legally by signing up for the app that Cambridge Analytica analysts had created. As Hubspot put it, “People knowingly provided their information, no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”
How can that be? Well, every individual that signs up for a Facebook account agrees to the Data Policy set by Facebook, and it specifically used to say:
It has since been updated and appears to provide greater protection for Facebook users; however, it’s still best to be wary of third-party apps as they don’t abide by the same policies as Facebook when it comes to information collection.
Facebook’s 2018 Data Breach that Affected Millions
On Friday, September 28th, 2018, Facebook released a statement that revealed it had experienced a data breach that affected over 50 million user accounts and was carried out by malicious hackers. These hackers took advantage of three site bugs in the system that allowed them to take over user accounts as if they were the account owners.
According to Facebook’s security update from Guy Rosen, VP of Product Management, the investigation was still in its early stages, but they had identified that hackers had exploited a vulnerability in Facebook’s code for the “View As” feature. This allowed the hackers to steal access tokens (the equivalent of a digital key) that keep people logged into Facebook so that they don’t need to continually re-enter their password whenever they want to use the app.
Since this data breach, they fixed the vulnerability in the code and informed law enforcement. They then reset the access tokens of the 50 million account users they knew were affected. This means that if you were suddenly logged out of Facebook this last week, you now know that you were one of the 50 million affected users. They will also take the precautionary step of resetting the access tokens for another 40 million people that were subject to the “View As” lookup in the last year. After users log back in, they should see a notification at the top of their News Feed explaining the breach.
So far, there is no info on whether or not accounts were misused or information was accessed, and the hackers are still unknown.
The Million Dollar Question: Why Do Facebook Users Still Trust the Tech Giant?
The dilemmas that Facebook has faced these last couple years haven’t crashed their company, but why?
Hubspot VP of Marketing, Jon Dick, had an interesting thought. He shared, “My feeling here is that people just assume that their data is constantly breached, so the Facebook news didn't even alarm people.”
Despite the breaches and turmoil on Facebook, there are still 223.4 million people using the app monthly. Hubspot VP of Marketing, Meghan K. Anderson stated, “My personal opinion is that people are making mental tradeoffs. It's a primary connection point to family members, to news, to society at large. And for now, there is no viable replacement to that. The trade-off I'd argue people are making is the very real value of that connection point, versus the not-yet-personally-actualized threat to privacy or security of data."
What are your thoughts? Do you feel the trade-off is why you and others are still on Facebook? Or do you have another theory? Let us know in the comments!
Written by Sarah Wai
Content and Email Marketing Specialist of Tribute Media. B.S. in Media Communications. Certified in Hubspot, Inbound Marketing, Contextual Marketing, and Email Marketing.