Facebook blocks 90 million accounts, 50 million have stolen user info

Topic

New Reply

This is just breaking, but the best report I’ve seen is from the Washington Post. Sure to be a big topic over the weekend.
[See the full post at: Facebook blocks 90 million accounts, 50 million have stolen user info]

7 users thanked author for this post.

Morty, OscarCP, wdburt1, Elly, Myst, geekdom, jburk07

Reply | Quote

Replies

No notification to log out, but when I 1st saw the story, I logged out & back in on my phone. There is something that worries me more that I saw on Twitter: https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051

Here’s the original tweet that links to that: https://twitter.com/bcrypt/status/1045529033163722752

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...

6 users thanked author for this post.

AlexEiffel, OscarCP, Elly, Myst, woody, jburk07

Reply | Quote

WildBill wrote:

No notification to log out, but when I 1st saw the story, I logged out & back in on my phone. There is something that worries me more that I saw on Twitter: https://gizmodo.com/facebook-is-giving-advertisers-access-to-your-shadow-co-1828476051 Here’s the original tweet that links to that: https://twitter.com/bcrypt/status/1045529033163722752

I heard this on the news last night about FB handing over our personal info to advertisers.

MacOS, iOS, iPadOS, and SOS at times.

Reply | Quote

No one should be surprised. Unfortunately, Facebook wants to expand into accessing even more sensitive user information than they currently have access to.

– Facebook is talking to banks to get them to join their Messenger platform and share user
information with them to facilitate some services.

https://www.cnbc.com/2018/08/06/facebook-messenger-could-soon-feature-your-bank-information.html

Having to deal with another ‘sorry we messed up’ from Mr. Z, followed by ‘it will never happen again’ has become too much to take. It is time to rename the company Face-plant and admit they are not capable of protecting user data, sensitive or otherwise.

3 users thanked author for this post.

Elly, Myst, WildBill

Reply | Quote

Not surprising. There probably isn’t anything that can’t be hacked by someone, somewhere. My privacy is important to me so I never got sucked into FB and was told my friends and family “But you’re missing out on so much.”  Emails and telephone calls still work for me and I’m not a Luddite. I also object to my info being monetized by Mr. Z.  John Oliver, in his characteristic satirical way, did a scathing piece on FB on his most recent episode.

6 users thanked author for this post.

Steve, wdburt1, David F, Myst, OscarCP, lanceboil

Reply | Quote

One more delight brought to us, once more, from “the Cloud.” I wonder if those that are such keen proponents of its use for anything and everything, perhaps by some technical means available only to them and so advanced as to be akin to magic, are invulnerable to these kinds of threats. At least these don’t seem to slow them one bit in their ardent quests.

Those people who have flesh-and-blood close friends and, maybe, even followers, only exchange letters with them, talk with them on the phone, exchange home visits with the former and go out on day trips, etc. — and that’s it — should have nothing to worry about here. But the convenience of texting, sharing information on line, etc. is these days, at least for some, a practical and perhaps a necessary tool — for example depending on what one does for work — in any case, a beguiling one to most of us, but with a double-edged blade. One that, at least so far, I have not needed to pick up; what luck.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

4 users thanked author for this post.

wdburt1, Myst, JCCWsusser, Demeter

Reply | Quote

Demeter wrote:

Not surprising. There probably isn’t anything that can’t be hacked by someone, somewhere. My privacy is important to me so I never got sucked into FB and was told my friends and family “But you’re missing out on so much.” Emails and telephone calls still work for me and I’m not a Luddite. I also object to my info being monetized by Mr. Z. John Oliver, in his characteristic satirical way, did a scathing piece on FB on his most recent episode.

Same here on the feedback from family/friends. Got email, got a phone, if you know my physical addy then write me a letter. But I did get sucked in twice and on my way out once more. Far removed from reality, and easy to get hacked, more than the norm anyway. Amazes me that a few friends give exact locations and personal encounters of their habits and also their vacant homestead while on vacation. No thanks.

MacOS, iOS, iPadOS, and SOS at times.

1 user thanked author for this post.

OscarCP

Reply | Quote

The Facebook Security Meltdown Exposes Way More Sites Than Facebook

By Brian Barrett and Lily Hay Newman | September, 28, 2018

 
On Friday, Facebook revealed that it had suffered a security breach that impacted at least 50 million of its users, and possibly as many as 90 million. What it failed to mention initially, but revealed in a followup call Friday afternoon, is that the flaw affects more than just Facebook. If your account was impacted it means that a hacker could have accessed any account that you log into using Facebook.

That’s a lot of them.
…
Sticking with one more secure sign-in does make sense, especially for use on sites that don’t have the resources or inclination to invest heavily in security development. But just like you want your passwords to be unique so compromising one doesn’t expose them all, account diversity is also vital online no matter how ironclad a particular sign-in scheme is. “You don’t want a situation where there’s one breach and your entire online identity is gone,” White says.

 
Read the full article here

6 users thanked author for this post.

walker, wdburt1, jburk07, Elly, Myst

Reply | Quote

Been thinking about it for awhile; then, 3 days ago, I closed my FB account. Like another poster above, I resent Zuck raking in more $ for exploiting my personal info. The news about 2 weeks ago about FB making overtures to, IIRC, banks for their personal info on you, really chafed me. It felt ~so~ good when I hit that button to delete the page and all info, or something like that.
Dpacific

1 user thanked author for this post.

Myst

Reply | Quote

Martin Brinkmann over at Ghacks.net has published a very helpful article with advice for those who use facecloth, with instructions on how to do some account checks:
what-you-should-do-after-the-september-2018-facebook-hack

Keeping IT Lean, Clean and Mean!

1 user thanked author for this post.

jburk07

Reply | Quote

I have never had a FaceBook account and I will go to my grave without ever having a Facebook account.

Like a couple of others have already stated, I too have friends and family members that are obsessed with Facebook.  I have had to explain to them that they can text, email, or heaven forbid, call me and actually talk to me like Homo Sapiens have evolved to do so.

It takes the same or less time to attach some pics to an email or text than it does to post them to FaceBook.

Live chat with Skype, Face Time or Google Duo would be really cool too.

Or stop by and hang out for a while…  I don’t get to see enough of my Grand Nephew.

6 users thanked author for this post.

Steve, OscarCP, Demeter, Myst, BobbyB

Reply | Quote

If you don’t have a good reason for a Facebook account, consider closing it.

Carpe Diem {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox115.0b2 MicrosoftDefender

2 users thanked author for this post.

Myst, BobbyB

Reply | Quote

Or do not create an account.

1 user thanked author for this post.

Steve

Reply | Quote

This is exactly why spying by M$, FB, Google, and others is pernicious.  The information WILL be hacked.

3 users thanked author for this post.

Bill C., OscarCP

Reply | Quote

It just occurred to me: maybe the repeated statement in trade magazines and their online equivalents, and of those coming from the heads of social media companies, to the effect that “email is so twentieth century”, might be more than mere expressions of personal opinion and more of a way to drum up more business from people that don’t like to see themselves as being behind the times.

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

2 users thanked author for this post.

Bill C., wdburt1

Reply | Quote

If you don’t want anyone having a particular bit of information about you, then don’t post it on Facebook or on any other social media.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

3 users thanked author for this post.

BobbyB, jburk07, Bill C.

Reply | Quote

MrJimPhelps wrote:

If you don’t want anyone having a particular bit of information about you, then don’t post it on Facebook or on any other social media.

For years I have said this and am still amazed that people who KNOW (not should know, but KNOW) the implications still post sensitive information about themselves.

The real take away should be the warning (i.e., again just common sense) to never, ever allow any social media log-in info, be it Facebook accounts or Google accounts, to serve as a log-in to another account. Even before I knew about that type of thing, I knew that no good would occur by taking that ‘convenient’ step. No corporation offers a convenience without having a benefit to themselves. Cynical, yes, but at this stage in tech, well warranted.

I looked at it like sharing my house or car keys. Yes these are large companies, and yes they tout their security and privacy, but when all is said and done, these constant data breaches never result in the companies receiving any penalties that are significant. Even if they do get criticized and even fined, it is the system admins who are blamed and not the primary senior and middle managers (often marketing and bean-counters) who ordered the policy. The managers who ordered the policies are shielded. Even if they are cachiered, they still float gently on their ‘golden parachutes.’

All the accounts you have linked are potentially vulnerable. Even if you change your log-in data to non-FB accounts, that FB long-in data may still persist on servers.

1 user thanked author for this post.

jburk07

Reply | Quote

Recently howtogeek.com started requiring a social media login in order to post on their forum. I quit visiting their forum at that time. Same for InfoWorld, where Woody’s articles used to be published.

I do have a Gravatar icon – that’s the one which shows here at AskWoody. That is the one link I have knowingly allowed to other sites. I discovered that this was a social media link when I have posted at some other forums, most notoriously Stack Exchange forums. I created an account there with the same email address I use for AskWoody, and lo and behold, my AskWoody avatar showed up. I then proceeded to delete my account at Stack Exchange (and gave them a piece of my mind about them having info about me that I didn’t enter when I created the account).

When I am on my home computer, I browse with Firefox, with NoScript installed and running. I have discovered that just about every site I visit has several Google scripts running, and one or two Facebook scripts running. (You don’t need to allow facebook.net scripts to run in order to access Facebook, so apparently *.net is what Facebook uses for all of the scripts they run on everyone else’s websites, whereas *.com is what they use when you access Facebook itself.) Therefore, I block all Google scripts, and I block all facebook.net scripts.

Interestingly, you never see any Facebook or Google scripts running when you go to a Microsoft site, only Microsoft scripts. (Actually, for Bing Maps I believe there are some non-Microsoft scripts running.) I always allow all Microsoft scripts to run, because Microsoft is not a social media company — they don’t earn much if any money the “social media” way, but rather the old-fashioned way: they charge you up-front for just about all of their products and services, rather than giving you everything for free and then using those products to spy on you and collect information about you.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

3 users thanked author for this post.

Steve, Bill C., BobbyB

Reply | Quote

I’m not going bother to log in, just stay anon to the board. Sure that my ISP addy is logged but that’s normal. I use facebook. Use a variation of my name, variation of my date of birth. I never use FB to log onto another site. Always close and restart my browser before logging in. Use NoScript so I can allow the three scripts that FB uses. FB knows I like dogs, guns, and Trump. FB knows I don’t like the modern Socialist Democrats, which is what the Democrat party has turned into with their antifa, multiple genders, and generally ever more slimey tactics. And the isp addy I use to log in of course. Could use a vpn but no skin off my nose. I ignore all of their ads, don’t do their childish games or those ‘9 out of 10 people will get this wrong’ tests they use to get your educational level. But then I’m amazed at the lack of intelligence of people who post all sorts of nonsense on the board..

Reply | Quote