The bad news continues for Facebook, as just hours after the social network reported on the attack they suffered, compromising the information of about 50 million users, a lawsuit was announced against them in a California court, as reported by specialists in ethical hacking.
The lawsuit was filed by two of the social network users, Carla Echavarria, from California, and Derrick Walker from Virginia. This is probably the first of many legal actions against Facebook for this hacking incident.
The lawsuit was filed by two of the social network users, Carla Echavarria, of California, and Derrick Walker of Virginia. This is probably the first of many legal actions against Facebook for this incident.
According to a copy of the lawsuit obtained by an ethical hacking firm, the plaintiffs argue that Facebook did not protect their personal information which, according to an official Facebook statement issued hours before the lawsuit was filed, was collected by yet unidentified hackers who exploited a three-bug combination in the Facebook source code.
“This event has shown the absolute indifference with which the social network manages the personal information of its users”, can be read in a section of the demand. “While this information was supposed to be protected, Facebook, without authorization, exposed that information to third parties through weak or non-existent security policies and data protection protocols”.
The plaintiffs now fear that, due to Facebook’s mistakes, their personal data can be easily accessible to criminals on the dark web. If the lawsuit comes, the plaintiffs will request help, but also punitive damages against Facebook, in the form of a fine, according to the California Civil Code. The value of this possible fine would be decided after the trial.
For specialists in ethical hacking from the International Institute of Cyber Security, it is no surprise that Facebook has been sued after announcing the security breach of which it’s been victim, as there was the antecedent of the more than thirty group lawsuits that were presented after the Cambridge Analytica scandal.
The only thing that can be considered surprising is that this new demand was presented the same day that Facebook revealed the hack, only a few hours after the press release of the organization. Facebook has reported that it still does not have a full sight of the incident and is still investigating the scope of the breach, jointly with the US police agencies.
Facebook said its security team detected the violation after a noticeable increase in user traffic; It has been reported that the attackers got this access through a flaw in the “view as” feature, which allows users to view their profiles from the point of view of other people.
The social media giant also faces pressure from US legislators, who demand that the company disclose more details about the incident to possibly take legal action.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.