It’s no secret that Facebook has experienced a lot of security-related issues in recent times. From the Cambridge Analytica breach to the most recent attack, where almost 30 million FB accounts were compromised, Facebook has been in hot waters recently, because of their weak security protocols. The latest cyber breach comes in the form of some 81,000 private FB messages being sold online. According to experts, this cyber-hack can be traced back to a recent data breach that happened in September where at least 30 million Facebook accounts were compromised. These private messages could have been extracted from those compromised accounts.
According to Facebook, the culprit is outside of Facebook’s social media reach meaning it’s not under Facebook’s direct control, more particularly, the culprit is identified as a malicious browser extension. The breach was first highlighted in September when a user named FBSaler on an internet forum and posted:
“We sell personal information of Facebook users. Our database includes 120 million accounts.”
The claim was examined Digital Shadows, a cyber-security and it was found out that in fact 81,000 of the profiles posted online as a sample did contain private messages.
The browser extension and third-party apps problem
This isn’t the first time a third-party software or an extension has been responsible for such a massive data breach. Most recently Apple users also suffered from a data breaching app, Adware Doctor on MacOS which was rated No.1 App for MacBooks on the App store, however the app, in reality, was sending private user data to Chinese servers placed in China. The app was immediately deleted from the App Store. The rise of these malicious attacks has increased responsibility on the Google security protocols since Google owns 60% of the browser market share and therefore a lot of social media websites are dependent on Google Chrome.
The software giant recently reported that due to their strict security checks, the number of malicious Chrome extensions has decreased significantly in recent times but this Facebook data-breach proves that malware-packed browser tools in fact still remain a serious issue and a major source for security breaches. Facebook executive Guy Rosen acknowledged this fact as he said:
“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores.”
Further details regarding the data breach will be revealed in the coming months but for now, many of the users whose information was stolen are based in Ukraine and Russia, though some are from the UK, US, Brazil, and other countries, according to the BBC.