Estimated reading time: 1 minute, 53 seconds

What Does Facebook’s Password Exposure Says About Cybersecurity? Featured

Another week, another revelation about the handling of sensitive personal data by Facebook.

The social media giant disclosed late last month that “hundreds of millions” of user passwords had been stored insecurely and were potentially readable by company employees. The news has led industry observers to weigh in on what this latest compromise means for expectations around cybersecurity generally and the prospect of new legislation in particular.

Facebook’s confirmation of the security compromise, in a March 21 blog post, came after a report which estimated the number of affected users totaled between 200 million and 600 million. The passwords were reportedly stored in plain text.

Facebook said it found “no evidence to date that anyone internally abused or improperly accessed them” or that the passwords were visible to anyone outside of the company. Facebook added that it had “fixed” the problem and would notify impacted users “as a precaution.”

A muted public reaction to the latest disclosure suggests that Facebook may have trained users to accept a lack of cybersecurity, much as people became accustomed to giving up some of their privacy, according to Kalev Leetaru, a senior fellow at George Washington University, who wrote an article on the topic for Forbes.com. Leetaru contends that companies may come to view cybersecurity as an unnecessary expense. After all, he asked, why spend huge amounts protecting databases if there’s no penalty from users for exposing their data?

Public Knowledge, a nonprofit promoting freedom of expression, wrote in its blog that the most recent security compromise shows that Congress needs to enact a “comprehensive” new law with detailed requirements around data security and breach notifications. “Facebook’s response is all American consumers can expect in companies’ behavior: corporate reassurance that nothing went wrong, and a promise to do better in the future,” the nonprofit wrote.

Germany’s Justice Minister, Katarina Barley, blasted the password exposure for its “frightening unprofessionalism.” As Reuters reports, Barley said in a statement that “Facebook only takes responsibility when it’s forced to do so.”

The Financial Times notes what a tough March it has been for Facebook. The company’s app also suffered its largest-ever service outage. Meanwhile, reports surfaced that prosecutors in New York are investigating its data-sharing deals with other major tech groups.

Read 3886 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.