SYRACUSE -- The personal details of 100 million Facebook users have been collected and published online in a downloadable file, meaning they will now be unable to make their publicly available information private.
People who work at Secure Network Technologies in Syracuse say, to them, it's no surprise.
Company Vice President Steve Stasiukonis says members of the Secure Network Technologies team are basically "hackers for hire". They help companies pinpoint where they are vulnerable online, and Facebook is usually one of their first stops.
"It gives us a lot of intelligence and a lot of data that allows us to find ways of compromising banks, credit unions, hospitals," says Stasiukonis.
Starting with Facebook, the team was once able to get hundreds of employees to reveal their company user names and passwords. Another time, a member of the team created a fake badge under an employee's name. Then, he says he went into a different branch of the company and was given a badge and key.
"Just by getting somebody's information off of Facebook, we were able to use some kinds of shady techniques...where we can come up with somebody's Social Security number," says Chief Technology Officer Robert Clary. "It's actually pretty easy."
The team says there are so many ways to access the information, it's no wonder 100 million users had their information collected. However, the news is scary to some users.
"I think that's ridiculous. I think Facebook really needs to step up its safety standards," says Facebook user Amanda Orr.
The Secure Network Technologies team if you're on Facebook, make sure you use the strictest privacy settings on there. They are not always the default. Also, don't allow friends of friends access to your personal information. Stasiukonis says it works like an onion. If you allow friends of friends to see your information, that's another layer of people who will have it.
Also, be careful what details you share, even if they seem harmless. Listing your birthday or where you went to school can help hackers find other information about you, like your Social Security Number.
We contacted Facebook to get their response to the fact 100 million users had their data collected and published. Here is their statement:
"People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want. Our responsibility is to respect their wishes. In this case, information that people have agreed to make public was collected by a single researcher. This information already exists in Google, Bing, other search engines, as well as on Facebook. No private data is available or has been compromised. Similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook. If someone does not want to be found, we also offer a number of controls to enable people not to appear in search on Facebook, in search engines, or share any information with applications.
"Our terms dictate who and how public information can be accessed, and we are investigating. If the collection in the torrent is a violation of those terms, we will take appropriate legal action, as we have in the past. We try diligently to respect changes in user settings, and therefore in our terms, we prohibit people from scraping our site. The data in the torrent is limited to names and profile URLs, which is less information than is available on Facebook and in Google, Bing, and other search engines."
For more information on this story, visit:
Secure Network Technologies
Facebook article from Secure Network Technologies
Facebook
Original Story:
The personal details of 100 million Facebook users have been collected and published online in a downloadable file, meaning they will now be unable to make their publicly available information private.
However, Facebook downplayed the issue, saying that no private data had been compromised.
The information was posted by Ron Bowes, an online security consultant on the Internet site The Pirate Bay.
Bowes used code to scan the 500 million Facebook profiles for information not hidden by privacy settings. The resulting file, which allows people to perform searches of various different types, has been downloaded by more than 2,400 people.
This means that if any of those on the list decide to change their privacy settings on Facebook, Bowes and those who have the file will still be able to access information that was public when it was compiled.
Bowes' actions also mean people who had set their privacy settings so their names did not appear in Facebook's search system can now be found if they were friends with anyone whose name was searchable.
Jessica Cain will have more on this story tonight on CNYcentral.com, NBC 3 and CBS 5.
Information Courtesy MSNBC
