On Friday, Facebook announced that as many as 50 million users may have had their accounts compromised. For Facebook, this is a huge blow — and the latest of several high-profile breaches that have cast renewed doubts on data privacy. This highlights the need for a robust public-private partnership when it comes to cybersecurity.
Facebook said that it discovered the issue on Tuesday and that it has already been referred to the FBI for a full investigation. The company also says that it fixed the vulnerability and that the “View As” feature, which enabled malicious account access, has been disabled.
In a press call on Friday afternoon, Facebook’s CEO Mark Zuckerberg explained, “The reality here is we face constant attacks.” He also noted that for social media companies, there was an ongoing security arms race.
This particular breach happened because hackers were able to take advantage of digital keys that allow users to stay logged into Facebook. The company has since reset the feature, which is why you likely found yourself logged off of the app Friday morning.
Although the company says that this vulnerability was only recently taken advantage of and more recently discovered, the problem existed beginning in July 2017, when changes to video uploading features were made.
With tens of millions of users affected by the breach, it also meant that privacy concerns were once again vaulted into the national spotlight.
These types of breaches, often considered in personal terms, must be understood as threats to national security. Compromising American user data on social media not only has the potential to undermine individual lives, but also cause broader social harm.
No information on the perpetrator or a potential motive of this particular breach has been released and is still under investigation.
Hopefully, that ongoing investigation and broad public concern will translate into productive conversations between lawmakers and the private sector bolstering cybersecurity across the board. Already, the Department of Homeland Security has rolled out plans for increased public-private partnership on cybersecurity. That is a good move not only to increase the protection of user data but also to effectively prepare for the rapidly changing landscape of digital media.
As technology rapidly develops, close working relationships between the government and companies pioneering new technology will be key not only to keeping data safe but for ensuring proper and coordinated responses to threats.
