The Privacy Diaries: Cambridge Analytica and the Facebook Security Breach
To say that 2018 was an awful year for Facebook, would be an understatement.
The year began with the infamous Cambridge Analytica scandal, when it was revealed that a firm had purchased data from Facebook on 87 million users that was then released.
Do large companies really care about protecting their user’s data?
The most concerning part about this data purchase was that the data was used to create “personality profiles” — which included geographical locations, likes, age, and access to one’s public profile. This data was used in political events, as an attempt to target marketing to sway voters.
The hack was so impactful that members of congress, the FBI, and senior members of government had to step in and tell the network to gain tighter access, more control, and more oversight into its platform.
Interestingly enough, this began a conversation with Facebook and Zuckerberg as to what exactly constituted as a data breach. Facebook stood their ground in their belief that this was not a data breach, as PR reps stated, “no systems were infiltrated, and no passwords or sensitive pieces of information were stolen or hacked.”
However, personal data was used and sold for a reason that was unknown to users, not to mention, the data was used in an extremely harmful way. Zuckerberg was quoted as stating, “It’s clear now that we didn’t do enough to prevent these tools from being used for harm. That goes for fake news, foreign interference in elections, and hate speech, as well as developers and data privacy.”
This raises the question of user trust with large companies. With a scandal like this — how can a user trust that their personal data won’t be used against them?
The Hack
In September of 2018, the social media network was externally hacked and information of 50 million users was exposed. It was the largest hack the company saw in its 14-year history.
Hackers gained access to information through three flaws in the system’s network. Two bugs were found via an online tool, that was actually implemented to further increase system security, while the third was a bug via an application to upload birthday videos.
To make matters worse, the vulnerabilities were implemented in July of 2017, but Facebook was not aware of the hack until September of 2018, meaning that data was accessed for over a year.
Through Facebook, hackers gained access to even more apps, like Instagram, Spotify, and WhatsApp.
April Doss, chairwoman of a cybersecurity firm, is quoted in the New York Times as stating, “This has really shown us that because today’s digital environment is so complex, a compromise on a single platform — especially one as popular and widely reaching as Facebook — can have consequences that are much more far-reaching than what we can tell in early days of the investigation…”
For any hacker, Facebook’s centralized network was an easy target. Hackers only need access to one computer on the network in order to gain access to the system. However, an app built on a decentralized, blockchain network makes hacking practically impossible. For a hacker to successfully hack into a decentralized network, they would have to access each computer on the network, which is impossible because once information is inputted into a decentralized system, it cannot be tampered with.
As our world continues to be integrated with social media and online technology, more security is needed over the data we share. Trust needs to be restored in larger companies. Using tools built on a decentralized network not only provides safety within the realms of file and data sharing, but it also secures the personal and private data that is inputted into the network.
