Facebook’s recent breach in security has affected more than just the social media site. In addition to Facebook, it has been revealed that other apps, including Instagram and Tinder, could have been breached as well.
On September 28, Facebook revealed that the “View As” feature created a security issue for more than 50 million accounts. Nearly 90 million people were forced to log back into their accounts if they ever used the “View As” feature.
Unfortunately, Facebook isn’t the only site that was affected.Any app that relies on Facebook credentials as their log-in could have also been affected by the breach. This includes partner company Instagram and even third-party apps like Tinder.
“The vulnerability was on Facebook, but these access tokens enabled someone to use the account as if they were the account-holder themselves” claimed Facebook VP of product management, Guy Rosen.
As such, countless apps that use Facebook login credentials will have to fix their systems as well. It isn’t known whether or not the liability for these apps will fall on Facebook.
It’s virtually impossible to exist in 2018 without leaving a digital footprint — our emails, chat messages, browsing history, credit card information, usernames and passwords. All of that data makes us vulnerable.
Around 60 billion emails are sent every day, and cybersecurity experts believe up to 97% of them are spam. Hacking, phishing, and viruses are an unfortunate fact of life in the digital world.
However, while the United States has been hesitant to stand up and regulate companies like Google and Facebook following data breaches (setting aside overly dramatic congressional hearings), the European Union is pushing pack against the growing reach of these digital giants.
In fact, the EU has had an ongoing battle with Facebook. Back in May, the EU established new rules via the General Data Protection Regulation, or GDPR. This new rule initially set strict requirements for how companies manage the personal data of EU citizens. They also set strict repercussions should a breach occur.
This caused a number of sites and social media sites to rewrite their Terms of Service to adhere to the new regulation. It’s also resulted in countless apps and social media sites to crack down on their security. Twitter alone has taken down around 70 million bot accounts on their site since May.
Facebook managed to skim the line of legality as they disclosed the breach at the last minute, right before the 72-hour deadline.
If a company doesn’t disclose this information to privacy commissioners, they might get slapped with a huge fine, up to 4% of a company’s annual revenue.
For Facebook, that would mean $4 billion, a hefty sum.
It isn’t known whether or not Facebook and other apps have insurance to cover these types of accidents. While homeowner’s insurance offers financial protection for disasters, Facebook utilizes a number of security protocols and internal spam detection efforts to help keep their users safe.
If a breach like this should happen again, Facebook might want to start an insurance fund.
For now, it seems that Facebook is in the clear. The investigation is ongoing and no negligence has been found against Facebook so far even though the code for the “View As” feature was left vulnerable for over a year.
There have also been countless rumors that claim Facebook knew of the breach long before they “discovered” it in the last week of September. However, none of those claims have yet been substantiated.
Photo Credit: stock photo