Last week’s Facebook hack saw the data of 50 million users compromised, after an attacker exploited the platform’s “View As” feature. As a result, the social network could potentially be hit with a whopping £1.25bn/$1.63bn fine for breaching the Europe’s General Data Protection Regulation (GDPR).
While Data Protection Commission Ireland (DPCI) is clamouring for more information from Facebook, its investigation revealed that less than 10 percent of the 50 million accounts “potentially” affected by the breach lived within Europe. Despite this, the social media platform could still be liable four fines up to four percent of its $40.7bn annual global revenue, according to The Wall Street Journel, potentially resulting in a £1.25bn/$1.63bn payout.
The DPCI expressed its concerns over the breach discovered last Tuesday, as it “affects many millions of user accounts but Facebook is unable to clarify the nature of the breach and the risk for users at this point.” Fortunately, Facebook announced that it was working with the DCPI and other regulators to assess the breach and subsequent risks.
UPDATE Facebook data breach – @DPCIreland understands that the number of potentially affected EU accounts is less than 10% of the 50 million accounts in total potentially affected by the security breach. DPC Ireland statement beneath. #dataprotection #GDPR #EUdataP pic.twitter.com/oSfGy6DP2S
— Data Protection Commission Ireland (@DPCIreland) October 1, 2018
“We’re cooperating fully & will share more info with you as soon as we have it,” reads Facebook’s Twitter reply. “We take this issue very seriously & are committed to understanding exactly what happened. We’ve also taken immediate action to protect people’s security.”
It’s already been determined that passwords remain safe from exposure given the use of authentication tokens to access the data. Personal information housed within each account, however, including personal messages and information from third-party sites in which Facebook was used to log into were reportedly ripe for harvesting. Facebook has plugged the hole by temporarily removing its “View As” feature and forcing potentially affected users to log back in.
Although no timeframe has been set for Facebook to provide answers, it will likely be a very limited window given the scale of accounts affected and the repeated breaches in security experienced by the social media platform.
KitGuru Says: Facebook has proven time and time again that it has more lives than your average cat, however these are soon to run their course if the company keeps making mistakes. Have you changed your mind on Facebook within the past year or two?