A picture of Mark Zuckerberg with graffiti over it to look like a vampire. He has a bag of blood next to him that has the label "Personal Data".

If some weird decree came into force that dictated you could only write data privacy related blog posts about one company, then the company I would choose, hands down, every time would be Facebook.

This time they’ve been caught out storing our passwords in plain text format and they’ve been doing it in the 100s of millions.

Kinda goes without saying that not only is this an obvious vulnerability to an external attack, it also means that user passwords were at the mercy of Facebook employees who had internal access to the data. In this case, around 20,000 of them. How confident are you that not one of those 20,000 would be susceptible to a bit of dark-web password trading? It’s been going on since at least 2012 as well. Oh yeah, and it’s not just Facebook but their ‘lite’ version and Instagram as well.
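For anyone wondering what the alternative to plain text looks like, here is an added example (our illustration, not Facebook's code): the same password stored as plain text and as a salted scrypt hash, with a check of what someone with read access to the record would actually see. The function names and scrypt cost parameters are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Illustrative scrypt cost parameters (assumption; tune for your own hardware).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def store_plaintext(password: str) -> dict:
    """The failure mode: anyone who can read this record has the password."""
    return {"password": password}


def _scrypt(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def store_hashed(password: str) -> dict:
    """Keep only a per-user random salt and a slow, salted digest."""
    salt = os.urandom(16)
    return {"salt": salt.hex(), "digest": _scrypt(password, salt).hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute the digest from a login attempt; compare in constant time."""
    candidate = _scrypt(password, bytes.fromhex(record["salt"]))
    return hmac.compare_digest(candidate, bytes.fromhex(record["digest"]))


def readable_by_insider(record: dict, password: str) -> bool:
    """True if the password appears verbatim anywhere in the stored record."""
    return any(password in str(value) for value in record.values())


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    for name, rec in (("plain", store_plaintext(pw)), ("hashed", store_hashed(pw))):
        print(name, "readable by insider:", readable_by_insider(rec, pw))
    print("login still works:", verify(pw, store_hashed(pw)))
```

Because each record gets its own random salt, two users with the same password end up with different stored values, so a reader of the database cannot even tell who shares a password.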

What should I do to make my Facebook account more secure?

Their advice? Change your FB & Instagram passwords.

Our advice? Don’t go on Facebook ever, but if you must, change not only FB passwords but also any other account which used the same passwords.

It should go without saying but unfortunately it still does need saying: Please use different passwords for every single account. If you need help or more information, give us a call.

So, all this initially came to light via the excellent Krebs on Security website on 21st March but, like buses on the route to hell (or Slough), you wait for ages then they all come together. So, fast-forward not very far at all to 3rd April and it turns out that over ½ billion records were exposed on unsecured Amazon S3 buckets, this time via third-party, FB-approved app developers.

Your data = $$$

If it wasn’t already apparent, then hopefully the eye-watering volume of personal data that is being harvested (and often leaked) will once and for all underline just how much money can be generated from the data that we create about ourselves. Every time you fill out an innocent-looking quiz, make an online comment or even post a picture of your moggy up a tree, you create a nugget of data that adds up to nuggets of gold for these data-sucking digital vampires. We urge you to think once, think twice and then think again before you give up anything about yourself on the web.

How much does Facebook make off each user?

According to the company’s Q4 earnings report, released earlier this year, Facebook makes on average $6.18 (£4.76) from each user per year. So next time you see a huge FB data leak, remember that to Facebook, that data is worth around the same as your morning coffee costs you.

One final portent of doom before we sign off: Facebook and its related subsidiaries have suffered a record-breaking amount of downtime in recent months. Often, downtime of this ilk is attributed to some sort of data centre outage, usually power related.

Here’s the thing though: if there is one good thing that Facebook have done – ever – then it’s the instigation of the Open Compute Project. Essentially, they brought the ethos of open source software development to the world of hardware. It’s transformed the hyperscale data centres, making them much more efficient, much more productive and more resilient. So data centre related downtime, while not impossible, is much more unlikely than it used to be, which begs the question: what is the cause of the unprecedented downtime?

See more on OCP HERE

Sorry about all the bad news. The good news? Well spring has finally sprung, oh yeah, and Tiger Woods has his 15th Major, 11 years after the last one and at The Masters!

Risk Crew