Facebook Initially Ignored Researcher Who Reported Another Stupefying User Data Leak
It does not seem Facebook will be able to catch a break this week after an accidental email revealed the company’s dismissive view of data leakage. The Silicon Valley social media company is facing a possible new leak after a researcher found he could link up to 5 million Facebook accounts to private email addresses daily.
On Tuesday, a video made the rounds that showed a researcher, who remains anonymous, demonstrating a tool called “Facebook Email search v1.0.” This person explained to Ars Technica that as many as 5 million emails could be linked to Facebook accounts in a day, even if said emails were private on an account. Interestingly, the only reason we know of this leak is because Facebook decided to dismiss the issue, with the researcher stating Facebook did not believe it was important enough.
Since then, Facebook has admitted to dropping the ball, stating that it “erroneously closed out this bug bounty report before routing to the appropriate team.” Now, Facebook is taking “initial actions to mitigate this issue” while working to understand what the researcher had found. What is interesting is that it is similar to the recently-uncovered data scraping incident. With this not-so-hot track record in mind, Facebook trying to normalize these types of incidents and frame them as an industry-wide issue is not a great look.
Whatever you think of Facebook, companies who handle any customer data need to be held to higher standards than at present as these situations cannot keep happening. Perhaps it will take legislation or consumers voting with their wallets and clicks, but change is necessary to keep some semblance of privacy.
(Application Image Courtesy Of Ars Technica And Anonymous Researcher)