In September 2018, nearly 50 million Facebook users had their accounts exposed in a data breach. It was the largest such attack in Facebook’s history, and the company is still dealing with the blow that its public perception took as a result. Now, according to an explosive report in the Telegraph this week, Facebook employees repeatedly warned the company about the loophole before the breach occurred. However, the flaw was left open for nine months after the issue was first raised.
According to legal documents obtained by the Telegraph, Facebook engineers repeatedly expressed concerns about the platform’s access tokens, noting that it would be “easy” for cybercriminals to exploit them. However, these concerns were allegedly almost all ignored. Now Facebook employees have expressed guilt and anger over their role in the fiasco, and how the company could’ve done far more to avoid the problem in the first place.
“It hurts knowing that if our stuff was done faster [or] in a better state this could have been prevented… this is something I worked on but didn’t finish,” one employee wrote. “The guilt really decided to sucker punch me on this one.”
While it’s not a surprise that Facebook wasn’t careful with user data, it’s still disappointing that it won’t even address serious security problems when its own employees call them out.
The Choice of Tech Experts Worldwide. Try 90 days free of Bitdefender 2020 and experience the highest level of digital safety.
Private Internet Access is an award-winning, cost-effective VPN solution. The use of an anonymous and trusted VPN is essential to your online privacy, security and identity protection.