Latest news
Shopov bought the data, which contained full names, email addresses and Facebook profile URLs, checked it over, and discovered that some of the data is accurate and that some of his friends' data is also there.
After making the discovery public on his blog, he says that he was contacted by Facebook. In a (recorded) phone call, they asked him to forward the data then delete the file in his possession, name the website from which he bought it, remove "a couple of things from your blog," and keep the fact that they had the conversation secret.
"I agreed to send them the data and the website of course, for that was my purpose, he shared later. "I asked if it was possible to tell what the problem was, after they finished the investigation, so that the users could protect themselves, but they they emphasized that it would be an internal investigation and they would not share any information with third parties."
He obviously didn't heed the request on keeping mum about the conversation.
"Facebook is vigilant about protecting our users from those who would try to expose any form of user information. In this case, it appears someone has attempted to scrape information from our site and combine the information with data publicly available elsewhere on the web," Facebook commented the situation for ars technica.
"We have dedicated security engineers and teams that look into, and take aggressive action on reports just like these. In addition to the engineering teams that build tools to block scraping we also have a dedicated enforcement team that seeks to identify those responsible for breaking our Terms and works with our Legal team to ensure appropriate consequences follow. We continue to investigate this specific individual."
According to Shopov, the offer of the data was accompanied by an explanation that it contained only information about active users mostly from the US, Canada, UK and Europe, and that it was collected through a number of Facebook apps. The seller claimed to be an online marketer.
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
