According to Business Insider, a low-level hacker forum on Wednesday exposed the data of more than 533 million Facebook users, including more than 32 million records in the US, 11 million in the UK and more than 6 million in India. A total of 106 countries were involved. The data showed that the information, including personal account numbers, users’ names, locations, birthdays, phone numbers and email addresses, was extremely risky.

It is worth noting that the data leak included Facebook CEO Mark Zuckerberg and other senior executives.

According to Facebook, the hackers gained access to Facebook users’ mobile phone numbers by exploiting a 2019 flaw in Facebook’s “Sync contacts” tool. After the bug appeared in 2019, it was fixed. Meanwhile, a Facebook spokesman said that the stolen data did not include users’ financial, health or password information, and that the company decided not to notify users specifically because they could not fix the breach themselves and because their data had already been published online.

But even without passwords, the data can be a stepping stone to further attacks, affecting individuals and businesses. The $5 billion FTC fine after Cambridge Analytica and a $650 million federal fine in January didn’t seem to make Facebook pay more attention to user privacy.

This isn’t the first time Facebook has had a data breach.

The “Cambridge Analytica scandal” was first revealed in March 2018 — a breach of 87 million Facebook user data that a company called Cambridge Analytica used to influence the US election. In the end, the FTC announced a $5 billion settlement with Facebook over the matter.

In September 2019, Facebook confirmed that a database containing more than 400 million phone numbers linked to Facebook accounts had been exposed. A Facebook spokesman said at the time that the amount of user data actually leaked was about 210 million because there were a lot of duplicates in the 419 million.

In December 2019, an online database containing more than 267 million Facebook user ids, names and phone numbers was made public and posted on hacker forums. Facebook later said the database had been destroyed.

Is Facebook’s privacy protection “a sham”?

Facebook’s several user information leaks show that it has not established a complete and rigorous system for user information protection, so it is prone to data leakage. At the same time, after a data breach, Facebook did not do a good job of summarizing problems and preventing new ones from emerging.

So far, most data breaches have been caused by hackers. According to research published by IBM, the main causes of data breaches are malicious and criminal attacks.

In addition to attacking vulnerabilities and using viruses, hackers can take advantage of people’s habit of using the same account and password on different platforms to gain access to more websites through “bump banks” (using compromised accounts and passwords to access other websites). And many companies with large amounts of user data have never put in place effective security management systems, making breaches difficult to prevent.

The importance of user data is self-evident for enterprises. However, most enterprises do not have protection experience and effective response mechanism, or even can not quickly detect data leakage. According to the IBM report, the average time for companies to discover a data breach was 197 days, and it took an additional 69 days to contain the fallout. The longer it takes to discover and control, the higher the cost.

IBM’s study, which looked at more than 2,200 data breaches at 477 companies around the world over the past year, found that large data breaches are costly. On average, leaking one million records would result in a loss of 280 million yuan, while leaking 50 million records would result in a loss of 2.41 billion yuan.

When the global data leakage events are constantly frequent today, the protection of user data privacy becomes particularly important. Facing the grim reality, enterprises must find the perfect solution to protect themselves from the threat of data leakage. In particular, with the trend of “going to the cloud”, enterprises need to adopt the highest standard to ensure the security of key information stored on the cloud. This standard is “end-to-end encryption”.

End-to-end encryption can fundamentally solve the problem of data leakage. Take Zoom for example: As the world’s most popular video conferencing software, its server stores a large amount of commercial and personal privacy data. There was a serious case of user data leakage last year, but then Zoom introduced end-to-end encryption, which effectively filled the technical hole.

What is end-to-end encryption?

This is an encryption scheme based on terminal devices. The encryption and decryption of user data and key generation are completed on computers and mobile phones without the involvement of the server. Therefore, service providers themselves can not decrypt the content stored by users. If the server is breached, hackers can only get meaningless ciphertext, and users can restore data through their own devices and normal use. End-to-end encryption can fundamentally solve the problem of user data leakage.

As a pioneer in data privacy protection technology, Secure Planet has launched cloud storage products and data protection solutions based on end-to-end encryption. Provides file, video stream, voice, photo, document scan encryption, encryption and decryption speed of more than 100MB/s. Service providers or unauthorized third parties cannot leak user data, and users have full autonomy over data. “What really allows users to own the digital world is data privacy security.” That’s what Safe Planet is all about. Visit Safetyplanet.com to experience it now.