2 billion users data is vulnerable – Facebook says
San Francisco – Facebook said data on most of its 2 billion users could have been accessed improperly, giving fresh evidence of the ways the social-media giant failed to protect people’s privacy while generating billions of dollars in revenue from the information.
The company said it removed a feature that let users enter phone numbers or email addresses into Facebook’s search tool to find other people. That was being used by malicious actors to scrape public profile information, it said.
“Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way,” the company said. “So we have now disabled this feature.”
Facebook also said data on as many as 87 million people, most of them in the US, may have been improperly shared with research firm Cambridge Analytica. This is Facebook’s first official confirmation of the possible scope of the data leak, which was previously estimated at roughly 50 million.
It has resulted in calls from legislators and policymakers for greater regulation of social media, helping to shave billion of dollars from the company’s market value.
“We didn’t take a broad enough view of what our responsibility was and that was a huge mistake. It was my mistake,” Facebook Chief Executive Officer Mark Zuckerberg said on a conference call with reporters. “We’re broadening our view of our responsibility.”
He defended the company’s advertising business model, confirmed he wants to stay in charge and disclosed no “meaningful impact” from an online campaign by some users to delete their Facebook accounts. Facebook stock rose almost 3% in extended trading, after closing at $155.10 in New York.
About 270 000 people downloaded a personality quiz app and shared information about themselves and their friends with a researcher, who then passed along the information to Cambridge Analytica, in a move that Facebook says was against its rules.
Facebook reached the 87 million figure by adding up all the unique people that those 270 000 users were friends with at the time they gave the app permission. Facebook made the new disclosure in an online posting Wednesday.
Cambridge Analytica, which worked for Donald Trump’s 2016 presidential campaign, said it licensed data on 30 million people, countering Facebook’s 87 million estimate. Cambridge Analytica said in a tweet that it “immediately deleted the raw data from our file server, and began the process of searching for and removing any of its derivatives in our system” after Facebook contacted them to let them know data had been improperly obtained.
The revelation, and the subsequent media questions, hint at the grilling Zuckerberg will likely face when he testifies on the matter before Congress next week: How many other Cambridge Analytica-scale leaks of data are out there?
Zuckerberg, in Wednesday’s call, said he couldn’t be sure. “We’re not going to be able to go out and find every single bad use of data, but what we can do is make it a lot harder for folks to do that going forward,” he said. “I think we will be able to uncover a large amount of bad activity that exists.”
The company has been embroiled in controversy for weeks over the revelation that data was shared and then not deleted. It raised questions over the information Facebook compiles on users, makes available to third parties, and what happens to it afterward. Facebook made the announcement along with an update on its plans to restrict data access through its platform.
Zuckerberg defended gathering user data for a business model that lets advertisers use Facebook’s information and targeting tools to reach specific audiences.
“People tell us that if they’re going to see ads they want the ads to be good,” he said, noting that requires keeping track of what people are interested in.
Either way, he thinks he should remain at the helm of Facebook. “I think life is about learning from mistakes and figuring out what you need to do to move forward,” he said.