show image

Hackers harvested public data of “most” Facebook users

Most Facebook users’ public data has been harvested by malicious actors, according to a bombshell blog featuring a series of extraordinary revelations.

In a post published on Wednesday evening, the social media giant’s CTO Mike Schroepfer outlined how hackers had identified users through a popular search feature.

Malicious actors abused the feature, Schroepfer explained, to find users by submitting phone numbers or email addresses they had harvested through search and account recovery, before scraping their public data.

“Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way,” Schroepfer said. “So we have now disabled this feature.”

Buried at the bottom of Schroepfer’s post is another astonishing revelation. It was previously reported that 50 million Facebook users’ data had been harvested by a researcher acting for the political consultancy Cambridge Analytica. Now Schroepfer has confirmed that the real figure may be 87 million.

“In total, we believe the Facebook information of up to 87 million people — mostly in the US — may have been improperly shared with Cambridge Analytica,” he said in the penultimate paragraph of the post.

Shortly after the blog was published, Cambridge Analytica posted a tweet claiming it only received data about 30 million individuals from the researcher who harvested the data. It claims it deleted the data when it became aware it was improperly obtained.

Commenting on the news, Craig Young, computer security researcher at Tripwire, said: “This is one of those situations that should be an eye opener to people on the importance of reading before clicking OK.

“Unfortunately, data privacy is a lot like oral hygiene, everyone knows they should pay attention to it but in practice people tend to neglect it. Many Facebook users are naturally upset about this situation, but in the end the moral of the story here is that people need to be more considerate about what data they are sharing and with whom.”

The reverberations of the scandal continue to be felt around the world this week, as Facebook faces calls from politicians on both sides of the Atlantic for regulation. In an interview with reporters yesterday, CEO Mark Zuckerberg insisted that he was the right person to lead the company, despite investors calling for his resignation.