fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Facebook Leaks Strategy To Numb Reaction To Data Scraping Incidents

Facebook Leaks Strategy To Numb Reaction To Data Scraping Incidents

Facebook’s long-term strategy is to desensitize users about leaked data dumps that were collected through scraping the public portion of the social network.

The plan was revealed after the company leaked to journalists internal communication intended for Facebook’s public relations staff in Europe, Middle East, and Africa.

Facebook’s decision comes after mobile phone numbers and other personal information belonging to about 533 million of its users was published on a hacker forum.

Some of the information included in the cache was also available publicly in user profiles and could have been scraped from the social network.

The data also contained private phone numbers, though, collected because of a vulnerability that Facebook fixed in August 2019, the company told BleepingComputer.

Also Read: The 3 Main Benefits Of PDPA For Your Business

Among the phone numbers in the database was that of  Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz, three of the Facebook social network founders.

Facebook Founders in data leak
Facebook founders’ phone numbers in data leak

Normalizing data scraping

When inquiring about the 533 million data breach, a journalist at DataNews publication in the Netherlands received by accident internal communication from Facebook on how to handle the incident.

According to DataNews, Facebook decided to keep statements at a minimum and wait for media attention to wane. Action in the long run includes dismissing scraping incidents “as a broad industry issue” that occurs regularly.

“Longer term, though, we expect more scraping incidents and think it’s important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly,” reads the internal communication.

The email also mentions the company’s plan to publish a post about Facebook’s anti-scraping effort and transparency about how the issue is being tackled.

“To do this, the team is proposing a follow-up post in the next several weeks that talks more broadly about our anti-scraping work and provides more transparency around the amount of work we’re doing in this area.”

Facebook’s goal with this is to “avoid criticism,” which it has seen plenty for downplaying the seriousness of the 533 million user data leak by labeling it as “old data that was previously reported on in 2019.”

While scraping collects information that is already public, gathering data en masse on users of a service could serve ill-intended actors in various attacks like phishing or SIM swapping.

For this reason, services fight this activity by setting up restrictions for the amount of data that can be collected at once or over short periods from a single address.

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

Available below is the full email that DataNews received by accident is addressed to the PR staff for EMEA region. It includes updates on materials released for users and regualtors as well as a summary of the interest generated among media publications and social conversations.

Facebook leaks strategy for dealing with data scraping
source: DataNews

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us