Bad Side Facebook Database Leak

In 2019, personal data consisting of users id, phone numbers, and names of 267 million users were exposed to a database online(Ganjoo, 2019). This database can be accessed by anyone on the internet without a password or identification. This data can be used for SMS spams and phishing attacks. This also allows an attacker to take control of the user’s account. In 2014, a Cambridge University professor, Aleksandr Kogan, ran a personality test app on Facebook(Ma & Gilbert, 2019). Kogan's company, GSR, signed a data-licensing contract with a political consulting firm Cambridge Analytica in order to supply the company with psychological profiles of US voters( Ma & Gilbert, 2019) .

The app was downloaded by over 200,000 Facebook users and collected information of 87 million people. In 2015, Facebook learned that Kogan had shared data that he took from Facebook users with Cambridge Analytica(Ma & Gilbert, 2019). In 2016, Cambridge Analytica sued GSR and Kogan, for selling illegally acquired data.

Facebook found out and did not notify users of the data breach.

Get quality help now

Doctor Jennifer

Verified writer

Proficient in: Facebook Advantages And Disadvantages

5 (893)

“ Thank you so much for accepting my assignment the night before it was due. I look forward to working with you moving forward ”

+84 relevant experts are online

Hire writer

In 2017, the attacker exploited three bugs that were introduced into the site’s ‘’view as’’ feature in July(Julia Wong, 2019). Facebook did not know the hack took place until discovering unusual activity on September 16th. Facebook notified the FBI and vice-president of product management. In 2018, The Guardian and The New York Times published articles exposing the scandal. Steve Bannon, an advisor to the Trump Administration used this data to target US voters during the 2016 presidential elections. Cambridge Analytica worked with Donald Trump’s election team as well as Brexit’s ‘’Leave’’ Campaign(Meridith, 2018).

Both reported having a significant impact on the outcome. Legal documents revealed that Facebook was warned by its employees that eventually led to the data breach in 2018(Dodds, 2020). The loophole that allowed attackers to breach their software remained open for nine months after the first data breach. The aftermath in 2019, Facebook pledged to protect user’s privacy in May. Zuckerberg made a statement, ‘’the future is private’’. Facebook also owns two other apps WhatsApps and Instagram(Lomas, 2019). In April 2019, 267 million Facebook accounts were stored in plain text files. Facebook assured users that the passwords were not accessible or abused(Ma & Gilbert, 2019). Facebook made a statement, ‘’ We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people’s information’’(Dodds, 2020).

Clearly describe the relevant players and the public involved in the issue/crisis. Consider who is immediately affected by the crisis (besides the organization), who is peripherally affected, who cares about this issue/crisis, and who are the supporters/opponents of the organization. Provide a brief description of the role and involvement in the crisis for each of the public you identify. The primary public affected are Facebook users. Their privacy is breached and phone numbers, names and id’s that can be used to log into their account or third-party accounts associated with Facebook can be accessed. The secondary public affected are Instagram and WhatsApp users who are peripherally affected by being linked to software being used on Facebook. Facebook peers in Silicon Valley, Amazon, Apple, AT&T, Google, and Twitter appeared to inform of the Senate commerce committee to endorse new federal data protection laws due to the data breach involved with Facebook. The FBI is currently investigating the situation and Congress is considering passing privacy legislation.

Describe the impact of the crisis on the organization. Consider how the crisis has affected the organization’s reputation, credibility, ability to conduct business, ability to fulfill its mission, short-term and long-term impacts, relationship with its key publics, and any other relevant impacts.

Facebook has a long history of privacy abuse. They have shown to give little thought to the privacy of their users. Facebook knew about the information for three years and decided to keep it private leading to public scrutiny on the internet. They have not taken previous warnings from employees or users about security measures that could have prevented the ongoing attacks on users’ personal accounts. Facebook users' Facebook shares fell 3% and of May 9th, Facebook is under investigation by the FTC and will have to pay a fine of $5 billion dollars.

Using the information from class slides, textbooks, the news article, and making some assumptions, identify at least two warning signs that could have preceded this crisis. Discuss the sources where these warning signs would have been found.

The first warning sign was external by having a security flaw that allowed users to publish apps of their own through Facebook and gathering information from people’s accounts and Facebook failing to fix the issue. The second warning sign is internal and includes the employees at Facebook finding a wave of unusual activity found within the ‘’view as feature’’, which allows users to see what their profile looks like to other users.

Based on the two warning signs that you identified, do you think this crisis could have been prevented? If so, explain how you would have prevented this crisis. If not, explain how you would have lessened the impact of this unavoidable crisis. You should draw from class lectures and your textbooks in your response and provide a strong justification for your ideas—convince me that your ideas would have the desired effect.

The crisis could have been prevented by closing the loophole that allowed attackers to get into the site and gather private information after employees warned Facebook about the issue. When Facebook found an issue with the ‘’view as feature’’ they should have informed the public upfront from the beginning and given out a warning to change their passwords and to keep their accounts private. If accounts were kept private and less information was given out to other profiles or third-party accounts through the site, then the entire crisis could have been prevented.

What Facebook could have done to improve was take corrective action. The incident occurred several times over a period of several years and they did not take people’s privacy into consideration. They could have come out with an apology and informed the public about new security measures that will be put in place to make sure that it does not happen again. Facebook could have also given a quicker response to the public instead of keeping it quiet for a year after the first data breach. What Facebook did do well was contact the FBI to investigate who the attackers were. This action is ensuring the public that corrective action is slowly taking place and in the long term, Facebook is taking measures to prevent this type of data breach happens again.