Analysis of Recent Security Breaches

Analyze a security breach that has occurred in the recent past (within the last three years). In your critical evaluation of the chosen security breach, review and analyze the breach along the following dimensions:

1. What went wrong?
2. Why did it occur?
3. Who was responsible?
4. What were the consequences to the organization?
5. How could it have been prevented?
6. What advice would you offer to prevent such a breach from occurring in the future?

Your paper should meet the following requirements:

• Be 8 pages in length, not including the title page and reference page.
• Follow APA guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
• Support your answers with the readings from the course and at least four scholarly journal articles.
• Cite a minimum of 10 external sources—six of which should be academic and peer-reviewed scholarly sources—to support your positions, claims, and observations.
• Be clear and well written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

Note: A partial draft was previously completed in your submission of milestone 2.

Portfolio Milestone 2

Data Breach: Facebook

Data breaches are incidence where sensitive data is taken or stolen from an organization’s system without the authorization or knowledge of the owners. Both significant to small organizations can be hacked by malicious parties, thus suffering data breaches. In most data breaches, stolen information might include confidential, proprietary, or sensitive information such as matters of national security, customer data, credit card numbers, and trade secrets, among others. The impacts of data breaches may come in the form of heavy fines or damage to the attacked organization’s reputation because of betrayal of trust. Additionally, the clients or customers of these companies might suffer financial losses if their financial information, such as bank passwords, is stolen. In 2021, Facebook announced that some hackers accessed the private data of approximately 500 million Facebook users in 2019 through a feature designed to assist users in finding friends quickly through their contact lists.

What Went Wrong in Facebook’s 2019 Data Breach

According to the organization’s representatives, the company had not planned to notify its users about this data breach until 2021, when a trove of information about these users was published on a hacker’s forum. This revelation forced Facebook representatives to explain what had happened in the data breach and called upon its users to remain vigilant about their privacy while using the social network. Holmes (2021) claims that the data that was exposed to the public included the private data of more than 530 million users from almost 110 countries. More specifically, the published records comprised email addresses, birthdates, phone numbers, full names, bios, locations, and Facebook IDs. However, sensitive information such as passwords, health information or financial information was not scrapped.

The Reason Why the Facebook’s 2019 Data Breach Occurred

The perpetrators of this security breach used “scraping” to perform this data breach. According to Tech Explore (2021), scraping is a technique which entails employing automated software to collect information that is shared with the public through online platforms. The vast trove of Facebook users’ data seems to have resulted from a security flaw that enables user data to be scraped from the social network’s massive database of personally identifiable information (Dellinger, 2021). The first data breach accountable for the buildup of this information breach happened in September 2019. The organization’s representatives asserted that they identified and dealt with the security flaw that led to this data breach in August 2019. It is believed that the hackers used a misconfigured phone importer to obtain data from the target organization’s servers. As Choi (2021) presented, the hackers controlled the victims’ accounts; thus, they would commit crimes without being unnoticed.

Ideally, security and data breaches occur due to vulnerabilities in organisations’ security systems or when their databases are exposed. While an apparent cause of the 2019 data breach was never given, there must have been loopholes in the security system of Facebook, which the hackers exploited to access its servers. Finnerty et al. (2019) explain that mismanagement of users’ passwords might also allow authorized parties to access a server hence hacking many users’ accounts. Furthermore, Facebook’s cybersecurity team did not identify this attack until three years later, when an external firm did. This demonstrates the recklessness of the organization in maintaining and monitoring its databases and servers. Other factors that might have led to the data breach include vulnerabilities in software, password recycling, and misconfigured settings.

The Parties Responsible for Facebook’s 2019 Data Breach

The person that perpetrated this data breach was an unknown user of a low-level cybercriminal forum who was utilizing a similar method of data collection to sell access to user numbers which had been liked to their Facebook accounts. Cox (2021) states that the user of this cybercriminal forum established an automatic system where potential buyers would interact with a Telegram bot by entering their name and phone number. Even though the data was old, this action presented a privacy and cybersecurity risk to the users whose numbers have been exposed because the person that advertised this service claimed that it contained data of over 500 million Facebook users. Motherboard investigated this issue and found out that the Telegram bot had the actual numbers of Facebook users that tried keeping their numbers private. Besides, the Telegram bot contained data of Facebook users from Australia, Canada, the United States, the United Kingdom, and other fifteen countries. The ease of access of the Telegram bot meant that also inexperienced hackers or cyber criminals could obtain this information.

Conclusion

In conclusion, several vulnerabilities in the security systems of Facebook led to the 2019 data breach. Additionally, the organization’s recklessness in notifying its users of the data breach and regularly checking its serves showed that this social media platform did not take its security issues seriously. However, the security agents of Facebook configured the organization’s security details to reduce the possibility of a future data breach. They ensure that solid passwords had been created and that the data that had been initially accessed was backed. Therefore, an organization can evade security breaches by addressing loopholes in their servers and databases and checking for vulnerabilities in their systems.

References

Choi, Y. B. (2021). Organizational Cyber Data Breach Analysis of Facebook, Equifax, and Uber Cases. International Journal of Cyber Research and Education (IJCRE), 3(1), 58-64.

Cox, J. (2021). Bot Lets Hackers Easily Look Up Facebook Users’ Phone Numbers. Vice. https://www.vice.com/en/article/xgz7bd/facebook-phone-numbers-bot-telegram

Dellinger, A. J. (2021). Personal Data Of 533 Million Facebook Users Leaks Online. Forbes. https://www.forbes.com/sites/ajdellinger/2021/04/03/personal-date-of-533-million-facebook-users-leaks-online/?sh=78c33dab717c

Finnerty, K., Fullick, S., Motha, H., Shah, J. N., Button, M., & Wang, V. (2019). Cyber security breaches survey 2019.

Holmes, A. (2021). 533 million Facebook users’ phone numbers and personal data have been leaked online. Business Insider Africa. https://africa.businessinsider.com/tech/533-million-facebook-users-phone-numbers-and-personal-data-have-been-leaked-online/65sy87q

Tech Explore (2021). Facebook says hackers ‘scraped’ data of 533 mn users in the 2019 leak. https://techxplore.com/pdf536986797.pdf