News

Facebook breach: 87 million global, 5.6 million Indian profiles compromised

Making certain policy changes, Facebook announced how users can now control, and delete data from the app and also control several other features which were vulnerable.

FacebookStats.jpg

Facebook has released an official statement on Wednesday that data consisting of more than 87 million profiles were compromised by Cambridge Analytica, a data firm.

Earlier, when the whole incident came into light last month, it was estimated that around 50 million profiles were compromised or their data were shared, without user's consent, with a political consulting firm for the benefit of President Trump during the 2016 election. However, now the report suggests that it was way more than that.

The statistics released by Facebook said about 87 million profiles were breached, out of which around 562,455 were of Indians. Around 70,632,350 profiles of US citizens were compromised and was given to Trump's political consultants for benefiting in 2016 elections.

Making certain policy changes, Facebook announced how users can now control, and delete data from the app and also control several other features which were vulnerable.

“It is very important that governments and private players give due importance to the data they have of citizens. They should repeat audits every year, if not every six months. Only full transparency will restore trust back in this system.

Altaf Halde, Global Business Head, Network Intelligence

Altaf Halde, Global Business Head, Network Intelligence

The statement released by Mike Schroepfer, the CTO of Facebook, said, “Two weeks ago we promised to take a hard look at the information apps can use when you connect them to Facebook as well as other data practices. Today, we want to update you on the changes we’re making to better protect your Facebook information. We expect to make more changes over the coming months — and will keep you updated on our progress.”

Commenting on the same, Altaf Halde, Global Business Head of Network Intelligence, a global cybersecurity services provider said, "This is not the first time that a data breach has happened and certainly not the last time. When it comes to cybersecurity there is no such thing as “100% guarantee” OR “all steps taken to block any future data leak incidents”. Having said that, it is very important that governments and private players give the due importance to the data they have of citizens. They should repeat audits every year, if not every six months, as only full transparency will restore trust back in this system. Or else more bad news is likely to come.

He added, “To detect frauds that misuse authorized logins, the concerned parties should implement robust monitoring mechanisms and a proper incident response mechanism.  It may also be a good idea especially for governments to implement a public bug bounty program and reward researchers who find issues on a much bigger scale. We still don't have any data protection laws or privacy rules to avoid such scenario. Though we have many compliances that companies follow for data protection and privacy issues, the adoption has not yet reached the stage where we can confidently say that, we as citizens are protected in case of any privacy issues."

The statement shared by Schroepfer also stated, "We do not know precisely what data the app shared with Cambridge Analytica, or exactly how many people were impacted. Using as expansive a method as possible, this is our best estimate of the maximum number of unique accounts that directly installed the 'thisisyourdigitallife' app as well as those whose data may have been shared with the app by their friends.