You probably haven’t heard this but 533 million Facebook accounts have been leaked. This is due to a very old issue in the Facebook database which allowed some users to leak private and sensitive information. The “bug” was discovered by users on low tier hacking forums and they have been keeping the bug unknown to withdraw as many accounts as they could. On April 11 the bug was discovered by many and was abused. It led to 533 million facebook accounts to be leaked such as emails,passwords,phone numbers,names, etc.
Facebook has addressed the breach and has said “In this case, updating the ‘How People Find and Contact You’ control could be helpful. They also recommend people do regular privacy checkups to make sure that their settings are in the right place, including who can see certain information on their profile and enabling two-factor authentication.” That is supposed to mean that we should protect our own security and information rather than let them handle that. They have also stated that the information was already breached a while ago and that it has only become public now.
I earlier stated that the exploit has been present since before 2021, so why hasn’t Facebook fixed it? They claimed that the exploit was a part of Facebook settings where it would let you find your friends or relatives and with that method people got random names and put them all in a search so they could get all the information on that person that is public. Also this method is still not patched to this day but a powerful computer is required to just store the information and an even more powerful one is required fr the searches.
Some people have gotten their information stolen but they have deleted their accounts and in Facebook’s TOS (terms of service) states that their information should be deleted. Facebook can keep one’s information for up to three months but there are also reports of people’s information getting leaked after they have deleted their account over five years ago. If this were true then it would be a violation of their TOS and Federal Technology Service (FTS) law. They have already been fined for five billion dollars which states that “Facebook, Inc. will pay a record-breaking $5 billion penalty, and submit to new restrictions and a modified corporate structure that will hold the company accountable for the decisions it makes about its users’ privacy, to settle Federal Trade Commission (FTC) charges that the company violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information.”
Many people wonder how they can know if their information is being illegally sold or distributed online. And haveibeenpwned.com is the place to go if you are worried if your information is being distributed they have the biggest database of information that is somewhat public. They only tell you if your information is being distributed. They cannot disclose the information at all but also give tips on how to protect your information from being stolen in the future.