Recently in the media, there has been a big “commotion” about the 100 million Facebook profiles containing user IDs, names, URLs and other data that was obtained and place into a file and posted online by Ron Bowles a security consultant. The media and surprisingly many security professionals have been spinning this matter as massive hack on Facebook and its users, when it fact it really was not.
The data obtained by Bowles were publicly available information that can be acquired by conducting Internet searches using Google, Yahoo and Bing to name a few. Reports stated, Bowles implement a “scraper” which is a small program to collect data from Facebook’s website automatically and the result was a 2.8GB file that he later posted on a peer-to-peer site.
So the driving question is it a hack or not?
To best answer that questions here are some points:
When creating a Facebook account, the user is given many options to what information will be available to the public. The user has the option of sharing “nothing”, “everything” or “a little”. Depending on what was selected will depend on what others are able to view and if your information was obtained by Bowles.
Computer hacking usually involves a degree of infringement on the privacy of the victim or damage to computer-based property. Bowles legally scanned and placed the files in a database, but many feel their privacy was infringed on even though the information was already publicly available.
This event should raise the awareness of what people are doing on Facebook and if they are comfortable enough with the information, they are putting out there. Facebook users need to take stock of their conversations and what information they are posting to others. That information can be used to create a profile along with the publicly available data that can lead to identity theft.
What is your position on the Facebook event?