The Scandals Bedevilling Facebook
2.10.2018 securityweek Social
Facebook is at the centre of controversy yet again after admitting that up to 50 million accounts were breached by hackers.
Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night.
"We don't know if any accounts were actually misused," Zuckerberg said. "We face constant attacks from people who want to take over accounts or steal information around the world."
Facebook reset the 50 million breached accounts, meaning users will need to sign back in using passwords. It also reset "access tokens" for another 40 million accounts as a precautionary measure.
Here is a roundup of the scandals dogging the social media giant.
- Cambridge Analytica -
In Facebook's telling, everything goes back to 2013 when Russian-American researcher Aleksandr Kogan creates a personality prediction test app, "thisisyourdigitallife", which is offered on the social network.
Around 300,000 people download the app, authorising access to information on their profile and also to the data of their Facebook friends.
In 2015 Facebook makes changes to its privacy policy and prevents third-party apps from accessing the data of users' friends without their consent.
The same year the social network discovers Kogan has passed on the information retrieved via his app to the British company Cambridge Analytica (CA), which specialises in the analysis of data and strategic communication.
In 2016 CA is hired by Donald Trump's US presidential campaign.
Facebook says it was assured by CA in 2015 that the data in question had been erased. But it estimates the firm could have had access to the data of up to 87 million users, most in the United States, without their consent, and mined this information to serve the Trump campaign.
Cambridge Analytica, which denies the accusations, has since filed for voluntary bankruptcy in the United States and Britain.
Facebook is accused of having been lax in its protection of user data, slow to intervene and consistently vague on its privacy settings.
In 2011 it signed a consent decree with US consumer protection agency the Federal Trade Commission (FTC) settling charges that it deceived consumers by telling them they could keep their information on Facebook private, and then allowing it to be shared and made public.
In March this year the FTC said it had opened an inquiry into Facebook's privacy practices, including whether the company violated the earlier agreement, which would incur hefty fines.
Beyond the CA scandal, Facebook estimates the data of nearly all its users may have, at some time, been retrieved without their knowledge.
- Political manipulation -
Facebook and sites like Google, Twitter and Tumblr are also accused of having allowed the spread through their networks of "fake news", including to manipulate public opinion ahead of the US election in favour of Trump.
The sites have acknowledged finding on their platforms messages, accounts and pages associated with the Internet Research Agency, a Saint Petersburg operation that is alleged to be a "troll farm" connected to the Russian government.
It is accused of spreading disinformation and propaganda including via postings -- often in the form of sponsored ads that target users based on their personal data -- that could influence opinion, for example over immigration.
According to Facebook, more than 120 million users had seen such content.
Facebook is in particular accused of not having been vigilant enough on monitoring the content and authenticity of pages and political ads that it carries.
It announced this year that it will require that the sponsors of political ads are identified and verified.
Earlier this month, Zuckerberg said Facebook was better prepared to defend against efforts to manipulate the platform to influence elections.
"We've identified and removed fake accounts ahead of elections in France, Germany, Alabama, Mexico and Brazil," Zuckerberg said.
"We've found and taken down foreign influence campaigns from Russia and Iran attempting to interfere in the US, UK, Middle East, and elsewhere -- as well as groups in Mexico and Brazil that have been active in their own country."