Social media giant Facebook has sued a Ukraine-based programmer who allegedly stole the private data of as many as 178 million users. The company is reportedly taking action against Alexander Solonchenko, on grounds of scraping data for millions of its users by exploiting the contact import feature on Messenger.
Made Use of a Scrapped Tool
The programmer allegedly used an automated tool that can mimic Android devices, to achieve the feat, feeding millions of phone numbers to Facebook and gathering data whenever information linked to accounts with particular phone numbers was returned. The scraping campaign was apparently conducted between January 2018 and September 2019 (that is, before the importer was shut down), followed by sale of the data on a dark net forum in December last year.
Th Contact Importer tool allows people to sync their contact lists across phones, in order to find out which contacts are using their Facebook accounts. This would then enable them to connect with those same contacts through Facebook Messenger.
Also Scrapped Data from Other Targets
Solonchenko was eventually traced down by Facebook, and it was found that he had scraped data from other targets as well, like a French analytical firm, a major Ukrainian bank, and the largest Ukrainian private delivery service. In its legal complaint, the firm has demanded undefined damages, along with bans that would prevent Solochenko from accessing Facebook and selling its scrapped data.
The suit has been filed with the Federal District Court for the Northern District of California.
This is not the only large-scale data hack that Faceboom has seen in recent times. The same Messenger feature was used to scrap data for 533 million users this year on April. At the same time though, FB’s attempts to challenge such criminals in court serves to show its determination to discourage others from carrying out similar campaigns.
These problems could potentially stand in the way of Facebook’s dreams of creating a “metaverse,” or a virtual world where users are citizens, and tech companies are like governments. In order to make this ambition a reality, the industry biggies is even planning to change its name, but as long as user data is not safe (the question is, will it ever be?), can it really expect to have people trust it enough to enter such a world? Or maybe the answer is clear already, with people continuing to flock to social media platforms despite the plethora of allegations against them.