Facebook missed serious holes in their security system. Their incompetence warrants outrage
Less than a year after the Cambridge Analytica scandal launched a privacy reckoning, Facebook is back in the news over yet another data breach, this one a security breach affecting almost 50 million accounts, leaving many wondering, again, how safe their personal info really is.
The blunder – in which a security flaw in the code for the “View As” feature was exploited by hackers to steal access tokens, allowing them to log in to people’s accounts without a password – is wholly Facebook’s fault. As much as Facebook has emphasized the sophistication of the three-part hack, the vulnerabilities were created by Facebook, when developers updated a birthday video feature in July 2017, and were left wide open by Facebook, for more than a year. Sophisticated hackers executed the breach, but it was a lack of sophistication by Facebook that allowed it.