750k Filipino Facebook (American) users 'compromised'
October 18, 2018
Over 750k Filipino Facebook users 'compromised' in September data breach
More than 750,000 Philippines-based Facebook user accounts may have been compromised when the social media network was breached in September, the National Privacy Commission said on Friday.
The information was contained in the commission's order for Facebook to, among others, notify the affected data subjects of their exposure and provide identity theft and phishing insurance for affected Filipino data subjects.
More than 30 million people worldwide have been affected by the breach that used Facebook's "View As" feature and Facebook informed the NPC on October 13 that 755,973 Philippines-based Facebook users had been affected.
Of this number, 7,424 are Philippine-based users whose posts on their timeline, their list of friends, groups they are members of, and the names of recent Messenger conversations may have been exposed.
This forced Facebook to log out users from their accounts on September 28.
"As Facebook itself notes, the main potential impact for affected users will be an increased likelihood of getting targeted for professional 'spam' operations and 'phishing' attacks," the NPC said in its order dated October 17 and signed by Commissioner Raymund Liboro.
The NPC said the risk and vulnerability of Filipinos to spam and phishing were regarded as one of the highest in the world.
It cited the Are You Cyber Savvy Report from Kaspersky Lab, which found that nine out of 10 Filipinos were susceptible to phishing attacks.3
"The Commission therefore deems it necessary that Facebook contemplate this cultural gap when notifying the affected data subjects. Facebook should modify its approach and provide a more conducive method that enables affected Filipino data subjects to better grasp the risks they face," the order said.
"Due to the nature and exposure of the Filipino data subjects, Facebook must also provide for identity theft insurance or credit monitoring service for free to affected Filipino data subjects; or, in the alternative, establish a dedicated helpdesk/help center for Filipino data subjects who may be adversely affected by this incident, to provide assistance in identity restoration and other related matters," it added.
According to the NPC, Facebook categorizes the affected users into three distinct groups, or "buckets" based on the personal information the perpetrator may have accessed.
Citing Facebook's report on the breach, the first bucket involves an estimated 387,322 Philippine-based user accounts whose basic profile information may have been compromised.
Basic profile information consists of a user's registered full name, email address, and phone number (if one was so associated with the account).
The second bucket affects around 361,227 Philippine-based user accounts. In addition to the basic profile information potentially obtained as with the first group of users, the perpetrator may have also obtained:
First name used on the profile,
Last name used on the profile,
Name (nickname as set by the user on the profile (if any)),
Email address (primary email address associated with the account),
Phone (confirmed mobile phone numbers associated with account),
Gender (as set by the user on the profile),
Locale (language as picked by the user),
Relationship status (as set by the user on the profile),
Religion (as described by the user on the profile),
Hometown (as set by the user on the profile),
Location (current city, as set by the user on the profile),
Birthday (as set by the user on the profile),
Devices (that are used by the user to access Facebook - fields include 'os' (e.g., iOS) and hardware (e.g., iPhone),
Educational background (as set by the user on the profile),
Work history (as set by the user on the profile),
Website (list of URLs entered by the user into the website field on the profile),
Verified status information (this is a flag for whether Facebook has a strong indication that the user is who they say they are),
List of most recent places where the user has checked in (these locations are determined by the places named in the posts, such as a landmark or restaurant, not location data from a device),
Recent search queries on Facebook, and
Up to the top 500 accounts that the user follows.
The third bucket involves the 7,424 Philippine-based users whose timeline and messenger conversations may have been exposed. -NB, GMA News