In recent days it was known that the information of more than 533 million users of the social network Facebook was made public, free of charge, through the internet. Location, phone number, email and even identification number of 20% of users were exposed to the world.
That information was allegedly revealed through a hacker forum. So far it is known that the affected users correspond to 106 countries around the world, 32 million from the United States, 11 million from the United Kingdom and 6 million from India. Even Marck Zuckerberg, creator of Facebook, was one of the leaked users.
Colombia was also affected by the leakage of the data of more than 18 million users, according to the newspaper El Colombiano; This situation was confirmed after journalists and other political and celebrity personalities received messages that hacked their WhatsApp accounts.
Due to that situation, The Superintendency of Industry and Commerce initiated an investigation of the Facebook company and its other subsidiaries in order to determine whether it breached or did not comply with national data protection regulations.
“The Superintendency of Industry and Commerce, in its role as the national authority for the protection of personal data, initiated an administrative action ex officio in order to establish whether Facebook (Facebook Inc., Facebook Ireland Limited and Facebook Colombia SAS) complied or not with the data protection regime, especially the principles of security, access and restricted circulation of information, ”the control entity said in a statement.
The investigation, according to the Superindustry, began after the international alerts issued by different agencies for the protection of personal data and public information that would have been generated by the platform’s security problem, with the filtration of 533 million users.
Facebook has 30 million Colombian users among the more than 2,700 million accounts on the platform worldwide. Through this resource, more than 100,000 million messages are shared daily.
“This process is in addition to the actions initiated by various international authorities, in order to obtain clear and precise information on the alleged security incident.. It should be remembered that the Superintendency of Industry and Commerce currently holds the Presidency of the Ibero-American Network of Data Protection Agencies, which brings together 22 authorities in the world ”, added the control entity.
The leaked data is not new, according to the Facebook platform they correspond to the year 2019 when the social network had already reported the problem, which was corrected in August of that year.
Precisely in January 2019, the Superintendency of Industry had already initiated an investigation into Facebook, in which thee ordered to strengthen protection against fraud or unauthorized access to accounts for Colombian users. It was a preventive measure that the social network had four months to implement.
Although in 2019 the user database was known, it was an automated bot that delivered the information in exchange for a price in a hacking chat, the problem was that it was recently announced that it had been revealed freely and for free in the same chat.
Leaked information circulating freely on the internet could provide valuable data to cybercriminals They use personal information to impersonate them or scam them into giving up their login credentials, according to Alon Gal, chief technology officer for cybercrime intelligence firm Hudson Rock, who discovered the leaked data. “A database of that size containing private information, such as the phone numbers of many Facebook users, could lead to bad actors taking advantage of the data to carry out social engineering attacks or hacking attempts.”, dijo Gal a Business Insider.
Gal said that from a security standpoint, there is not much Facebook can do to help users affected by the breach, as their data is already out in the open., but added that Facebook should notify users so they can remain vigilant for possible phishing or fraud with their personal data. “People who sign up with a company like Facebook trust them with their data and Facebook is supposed to treat it with the utmost respect,” Gal said. “Leaking personal information about users is a huge breach of trust and must be dealt with accordingly,” he said.