Facebook warned in advance of a huge data breach
Facebook knew for a year of a vulnerability that has led to one of the biggest data breaches in the company’s history.
This is a leak that came to light in September, where the telephone numbers and e-mail addresses of 29 million people were stolen. Of 14 million of those people, sensitive personal information also appeared on the street, which made identity theft possible. Some 3 million EU residents were affected by the leak.
So-called tokens made the leak possible. With such tokens, devices or apps can easily access the Facebook user’s account without having to log in.
However, those tokens could easily be stolen by criminals, employees warned as early as December 2017. Those employees would now feel guilty because they knew of an attack that could have been averted. According to one employee, the warnings were “almost all ignored”.
The wide access of the tokens would have been a major concern. Even for uploading a video from a third-party app, Facebook gave tokens that provided full access to user data, with no expiration date.