This has been a big year for Facebook in terms of news headlines, but unfortunately for the social media giant, much of the coverage hasn’t been positive.
Early in 2018, it came to light that consulting firm Cambridge Analytica had acquired illegal data on as many as 87 million Facebook users through the platform. The news ignited controversy over data sharing limitations and user consent and culminated with a congressional testimony from Facebook CEO, Mark Zuckerberg. Facebook also has been under fire for its role in misinformation campaigns by Russians and other hostile foreign powers.
More recently, Facebook is making cybersecurity news via a massive data breach that compromised the data of nearly 50 million users. Facebook, after noticing an unusual surge in user activity, began investigating the breach on Sept. 16. On Sept. 25, engineers discovered that hackers had exploited a feature that allowed users to see their profile from the perspective of another user. The bugs have since been patched. However, Facebook has not come to any conclusive understanding of the nature of the attack or who was responsible. The company says changing passwords is unnecessary, but doing so as a precautionary measure couldn’t hurt.
What happens next is utterly unclear.
Users can’t do much more to protect themselves in the aftermath of the hack. After the event, Facebook logged out 50 million accounts affected by the attack, as well as another 40 million just to be safe, to reset digital tokens. Apart from logging back into the app, users simply must wait as Facebook investigates and comes to a more conclusive understanding of the hack. While the company has advised that changing passwords is unnecessary, doing so as a precautionary measure couldn’t hurt.
Organizations may have more to consider in terms of fallout from the Facebook hack. Most significantly, the breach has ignited some discussion over increasing security regulations. Sen. Mark Warner (D-Va.) has issued several reprimands following the event, following a July paper in which he outlined a number of suggestions for policy reform. Should the data compromise lead to misuses of data, public outcry could add some momentum to such initiatives.
Although no specific requirements have been confirmed for implementation, organizations may be concerned with the current state of their compliance efforts. Lunarline has helped firms of all sizes to improve their compliance with FISMA, RMF and other industry-standard regulations. For more information on how we can help, contact us online today.