Facebook admits year-long data breach exposed 6 million users

SAN FRANCISCO (Reuters) - Facebook Inc has inadvertently exposed 6 million users’ phone numbers and email addresses to unauthorized viewers over the past year, the world’s largest social networking company disclosed late Friday.

Facebook blamed the data leaks, which began in 2012, on a technical glitch in its massive archive of contact information collected from its 1.1 billion users worldwide. As a result of the glitch, Facebook users who downloaded contact data for their list of friends obtained additional information that they were not supposed to have.

Facebook’s security team was alerted to the bug last week and fixed it within 24 hours. But Facebook did not publicly acknowledge the bug until Friday afternoon, when it published an “important message” on its blog explaining the issue.

A Facebook spokesman said the delay was due to company procedure stipulating that regulators and affected users be notified before making a public announcement.

“We currently have no evidence that this bug has been exploited maliciously and we have not received complaints from users or seen anomalous behavior on the tool or site to suggest wrongdoing,” Facebook said on its blog.

While the privacy breach was limited, “it’s still something we’re upset and embarrassed by, and we’ll work doubly hard to make sure nothing like this happens again,” it added.

The breach follows recent disclosures that several consumer Internet companies turned over troves of user data to a large-scale electronic surveillance program run by U.S. intelligence.

The companies include Facebook, Google Inc, Microsoft Corp, Apple Inc and Yahoo Inc.

The companies, led by Facebook, successfully negotiated with the U.S. government last week to reveal the approximate number of user information requests that each company had received, including secret national security orders.

(Reporting by Gerry Shih; Editing by Richard Chang)

Facebook server outage makes everyone freak out

STAND down. Facebook appears to be back online after a few minutes of a server-wide outage. Everyone can stop losing their minds.

Facebook appeared to be down for many users in the past hour or so, with many taking to Twitter to complain that they could not access the site. When YourGadgetGuide tried to access Facebook from the UK 30 minutes ago, the servers did not appear to be responding, although in the last few minutes it has come back online. Service monitoring site DownRightNow reported that many of its users had reported Facebook as being offline, although it is unclear what caused the problem. Facebook later explained that the site outage was due to some work they were doing on the site’s DNS servers.

It said, “Earlier today we made a change to our DNS infrastructure and that change resulted in some people being temporarily unable to reach the site. We detected and resolved the issue quickly, and we are now back to 100 percent. We apologize for any inconvenience.”

Earlier today, at around 5pm Eastern, Google was also suffering, with reports of Gmail being down in the U.S., the UK and Brazil. The email service returned after about an hour. “We’re investigating reports of an issue with Google Mail. We will provide more information shortly,” Google said on the Google Apps Dashboard.

Some dates when Facebook was actually down

On September 23, 2010, Facebook was showing DNS failure when you tried to reach their site. This seemed to be the case for most visitors.

Other general comments from our users about Facebook

  • Facebook can be down or working at various times throughout the day due to server problems, over activity, site problems, bugs, etc.
  • However, it should be pointed out that the servers of Facebook are rarely down and they last about 2 minutes (at most) when they are. If the servers are down, they forward you to a page telling you to come back later; when they maintain the site, they do it account by account, so the homepage is always working.
  • A good Internet connection is necessary to load the page, so if you can’t access Facebook, check that there is nothing else using the Internet on your IP address. If it is always slow, contact your service provider.
  • Sometimes Facebook doesn’t load due to the amount of cookies on your computer. If you have Vista, click Tools, delete browsing history and then delete all.

Messages posted online, apparently linked to hacking group Anonymous, have claimed responsibility for attacking the site, but these have since been debunked. That didn’t stop people from speculating that the outage was orchestrated by Anonymous in response to Facebook’s involvement in the US National Security Administration data-mining scandal.

Eight charged for cybercrimes vs US banks

Federal prosecutors in New Jersey on Wednesday unveiled criminal charges against eight people accused of trying to steal at least $15 million from U.S. customers in an international cybercrime scheme targeting accounts at 15 financial institutions and government agencies. U.S. Attorney Paul Fishman said the conspiring hackers gained unauthorized access to computer networks, diverted customer funds to bank accounts and pre-paid debit cards and used “cashers” to make ATM withdrawals and fraudulent purchases in Georgia, Illinois, Massachusetts, New York and elsewhere. Among the entities targeted were Automatic Data Processing Inc, Citigroup Inc, eBay Inc’s PayPal, JPMorgan Chase & Co, TD Ameritrade Holding Corp and the U.S. Department of Defense, Fishman said.

The charges come as law enforcement officials crack down on cybercrime heists. This has included arrests announced last week of 11 people in the United States, United Kingdom and Vietnam in a worldwide credit card fraud ring, and a May raid on Liberty Reserve, a Costa Rica company that provided a “virtual currency” system to move money without using traditional banking. The alleged ringleader of the latest scheme was Oleksiy Sharapka, 33, of Kiev, Ukraine, who was helped by Leonid Yanovitsky, 38, also of Kiev, according to federal prosecutors. Other defendants are Oleg Pidtergerya, 49, of Brooklyn, New York; Robert Dubuc, 40, of Malden, Massachusetts and Andrey Yarmolitskiy, 41, of Atlanta, who prosecutors said managed crews in their respective areas.

Richard Gundersen, 46, of Brooklyn and Lamar Taylor, 37, of Salem, Massachusetts, were accused of working for Pidtergerya and Dubuc, respectively, while Ilya Ostapyuk, 31, of Brooklyn, allegedly helped move fraud proceeds, court papers show. In a court filing a Secret Service agent described the scheme, including an email about an ultimately thwarted transfer from an ADP account, where Sharapka told Dubuc: “You can do the same thing with the rest of the regular cards, so I can activate them and start giving them to guys to put money on, because we are losing time again.”

Prosecutors charged the eight defendants with three conspiracy counts: wire fraud, money laundering and identity theft. Each defendant faces as much as 20 years in prison on the first two counts and up to 15 years on the third. “Cybercriminals penetrated some of our most trusted financial institutions,” Fishman said in a statement. “Today’s charges and arrests take out key members of the organization, including leaders of crews in three states that used those stolen identities to ‘cash out’ hacked accounts in a series of internationally coordinated modern-day bank robberies.”

NSA performed over 61K hacking operations around the world

NSA whistleblower Edward Snowden came out of hiding to speak with a Chinese newspaper today, claiming that the U.S. is also using its recently revealed surveillance tactics against China. According to an interview Snowden gave to the South China Morning Post, the U.S. government has performed over 61,000 “hacking operations” in countries across the globe. He also believes hundreds of those missions targeted the Chinese mainland as well as Hong Kong, where Snowden is currently hiding.

He has been in hiding since releasing a slide deck to the Washington Post outlining a government surveillance program called PRISM. Snowden came out a few days later, saying he worked as a defense contractor for the NSA and had access to such information. After that, he disappeared, only resurfacing today to make these comments. According to the slide deck he released, PRISM is a data collection program set up to collect information from a number of top tech companies including Facebook, Google, Microsoft, Apple, and others.

Snowden explained to the SCMP that these individual company requests aren’t the only way the NSA gets data. “We hack network backbones — like huge Internet routers, basically — that give us access to the communications of hundreds of thousands of computers without having to hack every single one,” he told the publication. To those who criticize his choice to make a safe haven of Hong Kong, he explained that he intends to fight for his rights there, and that the Chinese city which was under British rule until 1997.