The people who want to obtain it have been buying the data and using it to make money. They will now be able to get the same data — plus that of a few million more — free.
Tech security specialist Matthijs Koot was one of the few people to point out that the data of 370 million users became public in January/February this year.
And, he wrote, the only countries listed among the 533 million that were absent from the earlier leak were Afghanistan, Iraq, Jordan, Palestine, Sudan and Syria.
When comparing this 533M set to the 370M set that became public in Jan/Feb, notice the (only) countries that were absent in the 370M set:— Matthijs R. Koot (@mrkoot) April 4, 2021
^^ that set surely does not look random/coincidental. Not sure how to explain. https://t.co/I4AE563MnX
I am no fan of Facebook, but facts are sacred and while technology journalists and writers like to scream themselves hoarse over the how evil Mark Zuckerberg's company is, it is important to stick to the facts.
Asked what was new about the leak, Emsisoft ransomware researcher Brett Callow replied: "What’s new is that the info is now easily and freely accessible by absolutely anyone."
There is some humour to be milked out of the situation as can be seen from the following tweets:
a phrase rarely used not in a toilet— Jonas L (@jonasLyk) April 4, 2021
Hysteria over these kinds of incidents is common. The point nobody has raised is why people are so stupid to post all their personal details on a site like Facebook – or any site for that matter.
People all over the world love to blame technology companies for anything and everything. I am willing to grant that in many cases they do have a point.
Sites like Facebook offer free services and, in turn, use individuals' data to make a buck. People who assume that Facebook has some obligation to treat them like honoured guests are stupid.
When the Cambridge Analytica "scandal" broke, there was a huge amount of hysteria as well. But when Elizabeth Denham, Britain's Information Commissioner, issued a report last October that found the company had used "in the main, well-recognised processes using commonly available technology" to create what it sold to the Trump campaign, few publications bothered to report it.
The story told was that CA, working with Cambridge University researcher Aleksandr Kogan, had used 50 million Facebook users' personal data, which he "scraped" illegally, to influence the results of both the British Brexit vote and the 2016 US election.
There was much sensational reporting by journalist Carole Cadawalladr who wrote about it in an article in 2017 titled The great British Brexit robbery.
Cadawalladr's reporter colleagues at the Guardian, who worked on the story, were sceptical about it as well and privately said it was being pushed on them by senior editorial staff.
She has made no statement about the ICO report. She won a number of awards for her so-called exclusives. Whether she will return them now and acknowledge that her reporting was mostly hype remains to be seen.
Sensational claims about Facebook will continue to be published. It would be good to bear in mind that the company is not extracting the data of anybody at gun-point; the user is willingly giving it up. It's time to take personal responsibility and stop laying all the blame on a company that has just one objective: to make as much money as it can for its shareholders.
Update, 7 April: Inga Goddijn, executive vice-president of vulnerability intelligence, breach data and risk ratings vendor Risk Based Security, commented: “The lack of transparency about the Facebook incident is disconcerting. From my perspective, there has been quite a lot of media attention given to the situation with very little explanation provided by Facebook.
"This type of leak is not all that uncommon. A clear statement from Facebook describing the timeline of the event, their root cause analysis (which apparently was completed in 2019) and what they did to address the situation would go a long way toward putting this latest redistribution of data into context.”