- Facebook removing Instagram Story filters that mimic plastic surgery 2 Years Ago
- Mom solves ‘ghost baby’ image mystery after viral post Today 1:23 PM
- Elon Musk tweeted ‘through space’ Today 1:16 PM
- Don’t want a Fitbit? These step tracker apps got you covered Today 12:51 PM
- Protesters sing ‘Baby Shark’ to soothe frightened toddler Today 12:47 PM
- Who is Babu Frik, the adorable, teeny mechanic from ‘Rise of Skywalker’? Today 12:36 PM
- Senators push for social media data portability Today 12:11 PM
- ‘Stage Fright’ is a therapeutic lens into Jenny Slate’s weird world Today 11:34 AM
- Congressmen call on Twitter to shut down accounts for Hamas, Hezbollah Today 11:12 AM
- How to stream Lakers vs. Clippers Today 11:02 AM
- Popular Twitch streamer banned for something he didn’t even say Today 10:13 AM
- What is going on with C-3PO in the final trailer for ‘The Rise of Skywalker’? Today 10:04 AM
- Amazon’s facial recognition misidentified Boston athletes as criminals Today 9:08 AM
- Trump sparks outrage by calling impeachment ‘lynching’ Today 8:58 AM
- Rose Tico returns in the final ‘Rise of Skywalker’ trailer Today 8:44 AM
It was only a matter of time. After raising its estimates for the number of people affected by the Cambridge Analytica scandal, Facebook outright admitted that anyone with an account likely had their personal information compromised.
The social media giant said on Wednesday that “malicious actors” exploited a vulnerability in search and account recovery features to harvest the information of “most” of Facebook’s 2.2 billion users.
“We’ve seen some scraping,” CEO Mark Zuckerberg said on a call with reporters, CNBC reports. “I would assume if you had that setting turned on that someone at some point has access to your public information in some way.”
The problem stems from a search lookup tool that allowed users to find a specific profile by inputting a phone number or email address into the search bar instead of a name. Without going into much detail, Facebook CTO Mike Schroepfer wrote in a blog post that bad actors abused the feature to harvest public profile information by submitting known phone numbers and email addresses. As of yesterday, the feature has been disabled.
“Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way,” Schroepfer wrote.
Unlike its encrypted instant messages and other hidden security tools, the search feature was enabled by default. It seems that unless a user navigated to their settings and manually turned it off, their information was left vulnerable.
The revelation comes on the same day we learned that more people were affected by the Cambridge Analytica data scandal than first expected. Facebook raised its estimate to 87 million from the previously reported 50 million. Zuckerberg says he’s confident that number won’t increase. The CEO took full responsibility for the company’s failures to protect user data.
“At the end of the day, this is my responsibility. So there have been a bunch of questions about [firing staff]. I started this place. I run it. And I am responsible for what happens here,” Zuckerberg said.
The company has released a flurry of updates designed to provide transparency about how and why it collects data. Several new features designed to give power back to users were also released as part of its ongoing effort to win back the public. Mark Zuckerberg will testify in front of Congress next week where he’ll explain how these security breaches occurred and try to convince the world that the steps Facebook is taking are enough to prevent them from happening again.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.