Facebook Hacks: a History of Security Breaches at Facebook

Facebook is ubiquitous, with billions of users around the world logging in on a regular basis, often on a daily or even hourly basis. Since Facebook is such a giant in social media, you would think it has the best security possible. In recent years, though, Facebook has been the target of multiple security breaches that have negatively affected its users. And while these breaches have violated your privacy, you probably want to stay active on the platform. Dumping Facebook may not be an option, but you can take steps to protect your personal accounts, even on these forums with faulty security.

Online safety begins with secure passwords. Sign up for TeamPassword’s free 14-day trial and find out how to protect your accounts.

History of Facebook Security Breaches

Over the last decade, Facebook has been involved in several major data hacks and/or scandals. These breaches include the following infamous incidents. 

MIT Hacks Facebook

The first known Facebook security breach took place in December 2005 when researchers at MIT developed a script that could download publicly posted information. In this case, researchers were trying to prove that social media users were vulnerable to leaks because of their over-sharing of information online. This MIT group then gained personal data on over 70,000 users without getting their permission.

Six Million User Accounts Breached

In July 2013, a “bug” in the Facebook platform exposed the personal information of over six million users to unauthorized parties. Hackers had exploited this vulnerability for a year before Facebook executives became aware. The stolen data included email addresses and phone numbers. Sadly, any bad actor who knew just one bit of the user’s personal data could get their hands on all of it.

Cambridge Analytica

In 2014, voter-profiling company Cambridge Analytica gained access to the private information of 50 million Facebook users without their knowledge or permission. This data breach allowed Cambridge Analytica to provide the Trump campaign with invaluable insights into US voter attitudes and potentially helped sway the election. 

Various news outlets discovered the breadth of this Facebook security breach in 2018. Until then, the company had kept many of the details quiet. A self-proclaimed outside researcher paid Facebook for the information, a practice that was allowed under their rules. However, this party then passed along the data to Cambridge Analytica, who used it to benefit a private client- something that Facebook definitely did not allow. Even after this “scam” was uncovered, Cambridge Analytica kept much of the information they had fraudulently acquired. 

Foreign and domestic government officials and other parties furiously criticized Facebook for this incident, claiming that their security was woefully lacking and that they had almost casually exposed their users’ information to outside operators. 

In response to this criticism, Mark Zuckerberg said that Facebook does not sell user data and that policy is posted on the platform. 

Protect your online accounts from hackers and corporate carelessness. Sign up for TeamPassword’s free 14-day trial.

The 2019 Facebook Password Scandal

In March 2019, a cybersecurity expert learned that Facebook was storing millions of user passwords in plain text files that were available to more than 2,000 Facebook employees. This security lapse potentially affected hundreds of millions of users. 

2019 was a terrible year for Facebook security, with breaches discovered in April, September and December. Hundreds of millions of users had personal information exposed. 

Facebook and the Dark Web Exposure

Online watchdogs detected one of the most disturbing Facebook breaches in December 2019. Over 267 million Facebook users had their personal data exposed on the dark web, possibly for up to two weeks. The dark web is the home of endless criminal activity, so this breach was egregious. By the time the media reported the breach, Facebook had already made security changes that supposedly fixed this vulnerability. 

The April 2021 Facebook Breach

Those hoping that 2021 would be smooth sailing were disappointed by a huge Facebook hack over the weekend of April 3. This Facebook lapse exposed the personal information of approximately half a billion users, including their names, birthdays, locations and phone numbers. 

Facebook acknowledged the leak but said it stemmed from a security problem in 2019 that their team has since fixed. But many Facebook users found that statement to be of little comfort. The information is out there, and the damage could be ongoing. In the US alone, 30 million accounts were affected. Facebook has not made it easy to find out if your account was one of them. According to experts, you have around a 20% chance of being hacked if hackers stole your account information. 

Protecting Your Personal Data on Facebook and Other Online Sites

Despite its spotty security history, Facebook is still a dominant force in social media. Users have stuck with this forum despite some massive security issues. You should not assume that Facebook will automatically keep your data safe. Instead, you need to be proactive and put safety measures in place on your own.

Limit Security Breaches with Facebook Security Settings

Experts recommend taking the following steps to enhance your Facebook security

  • Clear Off-Facebook Activity History - Facebook can track your activity online when you are not using their platform and use it to target their advertising. Select settings on the menu and then select Off-Facebook Activity and clear history to stop this process. 
  • Disable Third-Party Tracking - If you have used your Facebook login information to sign in to other applications, they are tracking your activity. To disable this function, select Settings & Privacy from the menu and then select Apps and Websites. Click on Active, and then you can disable tracing from individual apps.  
  • Use Two-Factor Authentication on Facebook (and other sites) - The extra time this step takes is worthwhile. To breach your account, hackers would need a security code that is sent only to your mobile phone. On Facebook, you can activate this feature by clicking on the menu and then choosing Settings & Privacy followed by Security and Login. Then simply choose Two-Factor Authentication and enter your phone number and security code.
  • Limit Who Can See Your Personal Posts - You should set your personal Facebook account to private. And if you want to share really personal information, you should limit who can see those posts. You can do this by going to Settings & Privacy and then Settings. Choose who can see your future posts. Then click edit. You can also choose to limit who can see your past posts as well.

The Importance of Password Safety to Prevent Security Breaches

Password security is still one of the best ways to keep your personal information and account access safe. Security breaches are so damaging because hackers take your stolen password, perhaps from Facebook, and then input it into all of your other accounts, hoping that you reuse passwords.

If you are like many other online users, you do reuse passwords, sometimes simply because it’s easier than remembering a dozen or more different passwords. So hackers can turn a Facebook security breach into a bonanza of criminal activity that can harm your finances and your reputation. If you have unique passwords for all of your accounts, then a breach of one will not lead to a breach of others. 

How TeamPassword Can Help Prevent Security Breaches

Safely managing your work passwords can seem overwhelming, even to the most meticulous company. Fortunately, creating and storing unique passwords are simple with TeamPassword. We provide the latest password safety features, including a free password generator that creates impossible to guess passwords that meet the highest security standards.

You can use Teampassword to make sure that your accounts are safe even when social media giants and others leak your passwords. We offer password services that allow you to add, share and manage your internal and client passwords, including those for websites, social media, blogs, and more. You and your employees will not have to remember dozens of secure passwords - we make that part of the process simple while protecting you from security breaches.

You cannot make every account hack-proof, but you can minimize the damage when a breach occurs.

Keep your personal and business information safe with TeamPassword. Try us now and get your first 14 days for free!