To the shock and surprise of many Facebook users, their accounts are up for sale and that too for a pittance! In fact, the price of a user's privacy is merely $3. This revelation came to fore in the wake of recent data breach of over 50 million Facebook accounts. This security flaw witnessed dozens of listings on underground markets on the Dark Web offering buyers personal data of Facebook users for the scant amount.
 
According to The Independent report, listings have appeared on popular dark web market places like Dream Market, which use a similar rating system to other online retailers like Amazon and eBay to verify its vendors. These hacked accounts were reportedly being sold between $3 and $12, but the purchase was through semi-anonymous digital currencies like Bitcoin and Bitcoin cash.
 
Last week, social media giant Facebook stated that up to 50 million accounts were breached in a security flaw exploited by hackers, who stole "access tokens"-- the equivalent of digital keys that enable them to access their accounts. Facebook, however, reportedly said that hackers appear not to have tampered with third-party applications linked to the network. 
 
Facebook engineers analysed logs of outside applications and found no sign of trouble, according to product management vice president Guy Rosen, who in a blog post reportedly said, "That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login." 
 
Facebook chief executive Mark Zuckerberg reportedly said that engineers discovered the breach on September 25, and had a patch in place two days later. Facebook reportedly noticed an unusual spike in activity on September 16 related to a "view as" feature and took as many as nine days to ascertain that it was malicious. 
 
According to Guy Rosen, hackers took advantage of a "complex interaction" between three software bugs, which required a degree of sophistication, adding that vulnerability was created by a change to a video uploading feature in July of 2017.
 
Notably, Facebook took down the "view as" feature -- described as a privacy tool to let users see how their profiles look to other people, as a precaution, and reset the 50 million breached accounts.
 
Rosen reportedly stated that no passwords were taken in the breach, as hackers appeared interested in included names, genders, and home towns, but it was not clear for what purpose.
 
Facebook is trying to determine if hackers tampered with posts or messages, stating that it took a precautionary step of resetting "access tokens" for another 40 million accounts where the "view as" was used.
 
The EU’s General Data Protection Regulation, or GDPR, imposes steep penalties if companies fail to follow rules that include a requirement that they disclose breaches within 72 hours of discovery. That is a tight window that security experts say does not give investigators adequate time to determine the impact of the breach, said a Reuters report. 
 
Watch this Zee Business video

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

Meanwhile, Facebook shares fell for a third day on Tuesday, dropping 1.9 percent to $159.33.