The personal details of 100 million Facebook users have been published online by a security analyst, in a stunt intended to expose the social network’s privacy weaknesses.
Ron Bowes, a consultant at Skull Security, used a simple piece of code to “scrape” Facebook profiles, collecting data that was not hidden by users’ privacy settings – including names and profile URLs. The information has been shared on BitTorrent site The Pirate Bay, and has reportedly been downloaded by more than 1,000 users.
“People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want,” said Facebook. “In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook. No private data is available or has been compromised.”
However, as Bowes points out, “If 100,000 Facebook users decide that they no longer want to be in Facebook’s directory, I would still have their name and URL but it would no longer, technically, be public.”
Some experts claim that Facebook should be taking more responsibility for the privacy and security of its customers, and should have measures in place to prevent attacks.
“It is inconceivable that a firm with hundreds of engineers couldn’t have imagined a trawl of this magnitude and there’s an argument to be heard that Facebook have acted with negligence,” said Privacy International’s Simon Davies.
“They can continue to ride the risk and hope nothing cataclysmic occurs, but I would argue that Facebook has a special responsibility to go beyond doing the bare minimum,”he added.
Meanwhile, life assistance company CPP is warning social networkers of the dangers of putting their personal information on the site, and encouraging people to take responsibility for their own online safety.
“The growth of Facebook over the last few years has been phenomenal and people are becoming more comfortable with sharing their lives online. But Facebook users should never put their full dates of birth or home addresses on the site, no matter how high they set their privacy settings.” said Nicole Sanders, identity fraud expert at CPP.
“Privacy settings systems, regardless of the website, will never be a deterrent to sophisticated fraudsters, so it’s vital that users treat anything they put online as public content,” she added.
Last week, Facebook founder Mark Zuckerberg announced that the social network now has more than 500 million registered users, just six years after it was first launched. Writing on the Facebook blog, Zuckerberg described this as “an important milestone”, and thanked users for helping to spread the site around the world.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
This is exactly the problem with social networks today; they leave their users vulnerable by collecting way too much data. I found a new social network called SomethingCoolHappened.com that is supposedly safe guarding (based on their blog somethingcoolhappened.blogspot.com) their members by not asking for a lot of identifying information. In this day and age I think this may be the safest way for online interactions to take place.