Facebook was hacked 6 times in 2019
Facebook's security compromised 6 times in 2019 so far
Facebook dominates a large part of the social media world with Facebook, Instagram, and Whatsapp under its shawl.
However, this year wasn’t a very good one for the company with multiple breaches being reported.
Facebook found storing user credentials in plaintext (March)
Millions of passwords, primarily belonging to Facebook Lite users, were stored in plain text by the social media company. Some of the passwords also belonged to Instagram users. Although the passwords were not visible to anyone outside Facebook and were not internally misused, the company planned to contact the impacted users and enhance security measures.
Misconfigured third-party servers leak user records (April)
Around 540 million Facebook user records were exposed by two misconfigured Amazon cloud servers. Both these servers belonged to third-party companies, ‘Cultura Colectiva’ and ‘At the Pool’ Facebook game. One of the leaky servers was said to contain more than 22,000 user passwords in plain text.
Buffer overflow bug in Whatsapp (May)
Facebook-owned Whatsapp was also in the news this year, for a privacy breach. A major security flaw was reportedly exploited by a private company for cyber espionage. This flaw was a buffer overflow vulnerability that allowed attackers to potentially install spyware on the targeted devices. Whatsapp released patches for this vulnerability.
Unprotected servers expose Instagram influencer records (May)
An unprotected AWS bucket exposed more than 49 million records belonging to Instagram influencers. The exposed information included names, profile pictures, and the number of followers. In some cases, the private contact information was also leaked. The database belonged to a social media marketing firm Chtrbox. The firm secured the database soon after learning about the leak.
Unsecured server leaks Facebook user information (September)
An unsecured server that was publicly accessible exposed more than 400 million records of Facebook users. Names, genders, countries, unique Facebook IDs, and associated phone numbers were said to be among the exposed information. A Facebook spokesperson said that the data was old and was probably obtained before Facebook disabled the option of finding people using phone numbers on the platform.
App developers accessing Facebook groups' member information (November)
The latest breach involved around 100 app developers being able to access the information of Facebook users in certain groups. Facebook, in a blog post, said that at least 11 partners accessed the information in the last 60 days. Although the company found no evidence of access abuse, it promised to ask partners to delete any retained data and revealed plans of conducting an audit to ensure data deletion.
Comments
Post a Comment