LinkedIn and Facebook users experienced a massive information leak in a recent cyber attack, leaving many concerned about where their information now lies.
On April 3, a user published phone numbers, emails, and personal data of millions of Facebook users for free. According to Business Insider, the exposed data consists of 533 million Facebook users from 106 countries.
“We put all of our information into these apps. They have our addresses, our occupation, our phone numbers, and emails. We don’t really think much of it until there is a huge leak which certainly questions the security of these multi-billion dollar companies,” said Nadia Herrera-Set, a junior.
This is not the first time that Facebook has been involved in a massive user leak. In 2018, it was announced that the Trump campaign acquired access to private data on millions of Facebook users through Cambridge Analytica, a British consulting firm.
According to NPR, the U.S. Federal Trade Commission ordered Facebook to pay $5 billion in a settlement for violating their agreement to protect user privacy.
“We trust companies like Facebook with all of our data, and I think we all expect that our data is treated with the utmost respect. It is a huge breach of trust, and it should be handled properly to ensure it does not happen again,” said Alec Perkins, a junior.
In a recent statement, Facebook said that it would not notify users whose personal data was leaked.
Days after the massive Facebook data leak, LinkedIn made headlines as they also experienced a breach.
According to CyberNews, an archive purportedly containing scraped data from 500 million LinkedIn users was put for sale on a hacker forum. The data also included users’ full names, email addresses, phone numbers, and work-related information.
In a recent statement, LinkedIn said, “When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.”
Like Facebook, this is not LinkedIn’s first breach. In 2012, LinkedIn suffered a data breach where hackers claimed they had access to 167 million accounts with 117 cracked passwords, according to Trend Micro.
“You have two multi-billion-dollar companies, both of which are probably used daily by millions and are being hacked too frequently. Facebook’s case is extremely worrying because they aren’t even notifying those that got their information leaked. Not only is it worrying, but it is also very irresponsible,” said Lucas McLaren, a junior.
According to CyberNews, Facebook ranked third out of the largest personal data breaches.
“It is 2021, and we are supposed to be cracking down on security and making everything as safe as possible as we are given access to the most advanced technology. It’s crazy that with all the security in place, an individual was still able to gain access to half a billion files,” McLaren said.
The biggest personal data leak occurred in 2021. ACFE INSIGHTS reported that on Feb. 2, 2021, a user going by the name of Singularity0x01 posted a file on RaidForums titled “Compilation of Many Breaches (COMB) 3.8Billion (Public),” containing billions of passwords and usernames.
“I didn’t even hear about the COMB leak or anything regarding it. It’s unsettling to think that in 2021, a singular person may have had access to that many accounts. The damage they could have done is immense, and it shows that we need to start getting more serious about the security around our data,” Herrera-Set said.
The COMB’s leak was a collection of multiple breaches from Netflix, LinkedIn, Exploit.in, Bitcoin and more, and after running a script, CyberNews concluded that there were more than 3.27 billion email and password pairs in the given file.
As of January, 4.66 billion people were active on the internet, making the COMB leak equivalent to 70% of global internet users if each user was a new record.
“70% of all users. In a singular leak. We really need to figure out how to keep our privacy more secure,” Perkins said.
To determine if your data may be breached, free personal data leak checkers are available for use.
“Everything relies on trust. We trust companies to keep our data safe, and if they are unable to do that, then it truly questions the integrity and the ethics of those companies,” McLaren said.