Data Breaches: What Do They Mean For You?

How to Safeguard our Information
in a World of Security Breaches

What Can We Do when Our Data Gets Out?

Yesterday, all of the tech publications were warning of another major data breach.  Another popular Facebook App exposed users' personal data, and this time, over 120 million users were possibly affected.    Who was careless with our data this time? Nametests.com, a site Techlaurels warned users about over a year ago.

In a nutshell, Nametests had this hole where if you knew the right JavaScript commands, you could potentially access any users' personal information.  A website could exploit this, or any individual who knew how to grab and use a "token."  The "good guy" who discovered this used the flaw to set up a data mining program and subsequently reported the bug to Facebook. The security hole was supposedly closed.

And of course Nametests wanted that hole closed as soon as it was discovered. Who is going to buy a candy bar if there is a bowl sitting next to the register that says "Yours for the taking."  Or to borrow from an old cliche, if you're in the business of selling cows, you don't want to be giving the milk away for free.

Facebook Changes to Better Protect your Personal Data

Facebook Outlines Plans to Restrict Data Mining Through Facebook

Facebook is Making Changes in an Attempt
to Restrict Data Mining through their Platform

Bonus: How to Tell if Cambridge Analytica Has Your Information

By now, everyone has heard about  the Facebook Data Mining Scandal.  Third-party apps have been mining our Facebook data for years now, and Facebook made it very easy for them to do so.  When the extent of what was being shared became public, users were incensed and started leaving the platform in droves. #DeleteFacebook began trending on Twitter.  To prevent becoming the next "MySpace," Facebook promised to make changes to prevent apps from mining your data so freely.  These changes will start rolling out today.

What Types of Data were Apps Collecting Before?

Part of what makes Facebook so popular is the amount of third-party content and the ease of sharing. Anyone can create a "Facebook Page," invite followers, embed apps, and invite users to like and share.  When a user interacts with page content in any way, that page can access personal data related to that user.  In addition, anyone can create a Facebook App, independent of any Facebook Page.  Popular apps include quizzes, profile picture frames, games, and sweepstakes.  

To help developers create content and apps, Facebook provides many developer APIs.  API stands for Application Programming Interface, and it is basically a set of tools that make it easier for third-parties to develop apps and content that work with Facebook.  Facebook provides several APIs, including ones for groups, pages, events, search, and games.  They also offer the Facebook Login API, which makes it easy for users to create accounts on third-party sites without having another username and password to remember.  

Disconnect Your Facebook Apps to Protect Your Personal Data

Facebook Apps May Treat Your Personal Information Like a Commodity

Remove Facebook App Connections to Protect Your Personal Data

We are still reeling from the fallout of the Cambridge Analytica scandal.  Cambridge Analytica purchased data from Facebook App Developers, and then they used it to try to influence us politically.  If you are interested in reading more about the hows and the whys of this breech, please see our previous post, The Facebook Kerfuffle and What it Means For You, as well as all of our previous articles on privacy and protecting your data.  Your data was compromised because you trusted the wrong apps with it.

Now you are aware of why the data miners are creating all of these apps, it is time to disconnect them so that they will no longer have access to your personal information or the contents of your Facebook Profile.  Removing apps used to be quite a tedious process, so many of us just ignored it or put it off, until our Facebook Account was cloned, a rogue app started posting on our behalf, or friends started complaining of receiving messages we never sent.  Thankfully, in response to this catastrophe, Facebook has streamlined the process of app removal, making it much easier. They have also made it easier to see just what kinds of permissions the apps request, as well as to selectively remove permissions. Today, we're going to look at how to do this.  We'll guide you through finding your connected apps, purging those you no longer use or recognize, and examining the permissions the remaining apps require.