Although the personal information of hundreds of millions of Facebook users was recently leaked online, the company says it has no plans to notify those affected. The incident, which was made possible by a bug in the platform’s contact synchronization feature, reportedly affected 533 million users in 106 different countries, exposing personally identifiable information (PII) such as names, email addresses, phone numbers, and more.
When asked to justify the decision not to alert victims, a Facebook spokesperson explained that the company does not yet have a full picture of the specific users involved in the breach. The fact that fixing the problem did not require users to take action would also have contributed to the decision.
The leak was first discovered by security researcher Alon Gal, co-founder of security research firm Hudson Rock, who spoke with a number of affected users to verify the legitimacy of the data.
After the incident came to light, Facebook stepped in to clarify that the data had not been stolen via hacking, but rather scraped from the platform. Nevertheless, the kind of information exposed could still lay the groundwork for various future attacks on the affected individuals.
In many cases, companies are required by law to notify both regulatory agencies and victims after a data breach. However, due to the complexity and differences between the rules in different territories (and even in different states), the notification obligations do not always apply.
In the UK, for example, a company must notify victims “if a breach is likely to result in a high risk to the rights and freedoms of individuals.” Even then, this duty does not apply if the stolen data was securely encrypted before it was stolen or if measures were taken afterward to limit the extent of the potential damage.
But in any case, it is traditionally considered good faith for a company to alert its customers immediately after such a cyber incident. But in this case, Facebook users should take proactive steps to find out if their data has been compromised.
For Latest News Follow us on Google News
- Show all
- Trending News
- Popular By week