100 Million Facebook Profiles Published via P2P

Monday, August 09, 2010

Robert Siciliano

37d5f81e2277051bc17116221040d51c

Personal information on 100 million Facebook users has been scraped from the social media site and is being shared and download as a single file via what is called a Bittorrent. BitTorrent is a peer-to-peer (P2P) file sharing protocol used for distributing large amounts of data.

Facebook  takes on the issue is the data that was scraped wasn’t private at all. To a degree, I agree. The data is being shared through the site, it’s already public.

Here’s how it went down: a good guy hacker developed a program that went through all 500 million profiles and was able to skim (scrape) all the data from Facebook that wasn’t locked down via the users Facebook privacy settings.

Basically if you didn’t lock your privacy settings down, it’s now available in this file. If you lock down your settings today, it’s still in this file.

What’s the point? Hackers like to tinker, and some like to make a point. It seems the hacker here wanted to make a point that your data on social media is up for grabs whether you like it or not.

What’s the risk? It seems the format and way the data was compiled is now searchable in a way that can benefit advertisers and marketers. Can it be used by thieves? It’s too early to tell. In this situation my first concern would be data that you may not want to be around in 20 years that may damage your reputation down the road.

This incident should highlight the lack of privacy and lack of security that exists in social media. Recognize that whatever information you share online, can ultimately end up in anyone’s hands, whether you like it or not.

Lock down your privacy settings and be very conscious of what you share. It may bite you someday.

Robert Siciliano personal and home security expert to Home Security Source discussing social media Facebook scammers on CNN. Disclosures.

Possibly Related Articles:
9222
Privacy
Facebook Privacy
Post Rating I Like this!
85ac6feb584b665e85664974c546cfec
Ray Tan If you didn’t lock your privacy settings down, it’s now available in this file. If you lock down your settings today, it’s still in this file.
We should have paid more attention to those information we would like to share with others.
It is obvious that the profiles are not encrypted correctly.
1281506389
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.