By: Tim O’Pry | Chief Security Officer
Another day, another few hundred million accounts compromised. Facebook is the most recent (as of late March 2019). This problem has become so common place that it hardly qualifies as news. What is different about this one is that it wasn’t criminals who broke into Facebook and obtained the data. Instead, Facebook found that this information was left unprotected (unencrypted) and available to Facebook employees, and “there is no evidence of date” that the information was compromised—which is a backhanded way of saying, “We don’t know what the heck happened. We just found these few hundred million accounts lying around and figured it probably wasn’t a good thing.” Do ya think? Oh, and it turns out, this info has apparently been “just lying around” like this for YEARS! The only reason we know about it now is due to a whistle blower at Facebook.
The questions that immediately come to mind to me are:
How did something like this happen? Several hundred MILLION accounts just “lying around.” I doubt Mr. Zuckerberg leaves a few hundred million dollars lying around. A leprechaun, he is not.
What else is there just lying around at Facebook and on other systems? Who is protecting our information?
From a cybersecurity and IT professional viewpoint, this indicates an egregious lack of basic security protocols and RESPECT for the privacy and confidentiality of your clients. While I would not be surprised to see Mr. Zuckerberg making another trip to Washington for yet another Congressional hearing, let’s be honest—that doesn’t do squat but give some politicians facetime and help them think they are doing something. One would hope that after the last high profile pillorying, Facebook would have realized their internal systems might just need a bit of an overhaul. Hopefully, the FTC will fine them a few billion after the Cambridge Analytica mess, but even that won’t be enough to move the needle.
What can we do? Short of deleting accounts, the only thing that the average individual can and should do is give serious consideration to what they are posting to their social media account. They can only sell, exploit and LOSE what we give them. Bottom line: if it’s something you wouldn’t want the general public to see, don’t post it to social media.
If you have questions on your Internet security, drop us a line at cybersecurity@hensslerfinancial.com.
Disclosures: The investments referenced within this article may currently be traded by Henssler Financial. All material presented is compiled from sources believed to be reliable and current, but accuracy cannot be guaranteed. The contents are intended for general information purposes only. Information provided should not be the sole basis in making any decisions and is not intended to replace the advice of a qualified professional, such as a tax consultant, insurance adviser or attorney. Although this material is designed to provide accurate and authoritative information with respect to the subject matter, it may not apply in all situations. Readers are urged to consult with their adviser concerning specific situations and questions. This is not to be construed as an offer to buy or sell any financial instruments. It is not our intention to state, indicate or imply in any manner that current or past results are indicative of future profitability or expectations. As with all investments, there are associated inherent risks. Please obtain and review all financial material carefully before investing. Henssler is not licensed to offer or sell insurance products, and this overview is not to be construed as an offer to purchase any insurance products.
