A blonde haired lady wearing a red hat is walking down the road looking at her phone. Three facebook notifications are overlayed.

Is Facebook safe?

This article was written before the Facebook company rebrand to Meta. As this is about the social network that will remain as Facebook, we saw no need to change anything.

Facebook is the world’s most popular social network; recent data puts the number of active users at 2.89 billion.

While nearly 40% of the global population regularly uses Facebook, many are concerned about how Facebook collects and uses their personal data. Such concerns are undoubtedly heightened by what we hear about Facebook in the news. In recent days, we’ve even had ex-Facebook employees testifying to politicians that the social network should be regulated. Mark Zuckerberg seems to be a fairly regular attendee to political meetings in the United States, too.

On top of that, Facebook has fallen victim to at least four significant data breaches in the past 20 years, including two of the worst three by volume of consumer data stolen. Notably, both of those data breaches have occurred since 2018.

Independent advice website Trusted Reviews recently spoke to industry experts about the data breach risks posed by Facebook and what users can do to mitigate them.

Was your privacy compromised by a recent Facebook data breach? Contact LawPlus now to learn whether you could be entitled to compensation.

What are the main risks of using Facebook?

“The major risks to Facebook users consist of data loss…users impersonation…and due to Facebook’s presence as a global market, the possibility of users falling prey to online scams is ever-increasing,” Yiannis Fragkoulopoulos, customer security director at Obrela Security Industries, told Trusted Reviews.

Fragkoulopoulos cited April 2021’s Facebook data breach, which saw 533 million records stolen in an incident that Facebook claims was due to scraping rather than a bonafide breach. That incident led to those records, including Facebook users names and telephone numbers, being shared on a hacking forum.

Was your privacy compromised by Facebook’s April 2021 data breach? Contact LawPlus now to learn whether you could be entitled to compensation.

Meanwhile, Chole Matthews, a threat intelligence analyst at F-Secure, told Trusted Reviews: “The good thing is that FB is still much more secure than it was pre-Cambridge Analytica days.

“There is still data out there that was scraped from Facebook that was collected by exploiting these former loopholes – this information includes username, passwords: Facebook account data was leaked belonging to over 500 million users including their user ID and phone number.

“This information was found for sale on the dark web and can be used by criminals to log into victims’ accounts or conduct other social engineering campaigns or distribute malware and spam.”

The Cambridge Analytica scandal first came to light in 2016, when a whistleblower revealed the company had exploited loopholes in Facebook’s terms and conditions to harvest user data without permission. This incident was particularly controversial, as there were allegations that Cambridge Analytica data was used to target users with political advertising. There were even fears the data had a significant influence on the Brexit referendum and the 2016 United States presidential election.

Do hackers target Facebook?

Chris Hauk, consumer privacy champion at Pixel Privacy, told Trusted Reviews: “While hackers certainly target Facebook and its users, Facebook usually quickly responds when vulnerabilities are discovered, patching the discovered security hole.

“Users must help protect themselves by staying alert for questionable communications from friends and other parties, all of which could be used to steal more information.”

One of the most helpful things users can do is avoid clicking links or even engaging with messages originating from people they don’t know. It’s also worth being diligent around messages from people you do know, especially if they seem too good to be true or aren’t what you’d ordinarily receive from the person in question. In recent years, many people have received dodgy links for “Free” £50 gift cards for Nandos or a supermarket, and similar scams continue today.

Do Facebook hackers use any specific attacks?

“Hackers have targeted Facebook in the past, such as the “View As” bug that subsequently led to a data breach,” Paul Bischoff, privacy advocate at Comparitech, told Trusted Reviews.

“But Facebook quickly patches any vulnerabilities it finds or is warned about, so probably no attacks that worked a week ago will work today. No matter how good Facebook’s cybersecurity is, it can’t protect users from themselves if they get tricked out of their password or click on a link that downloads malware or leads to a phishing site.”

Fragkoulopoulos brought up the potential to be sent phishing and scam messages, such as those offering freebies, adding: “Facebook is considered a prime target for hackers due to its large number of users, data and connected applications and platforms…Hackers tend to aim for users rather than the platform itself as they are the weakest link in the chain.

“Some of the simplest but most effective attack techniques are exploiting weak passwords and phishing mails, and some of the more advanced ones are malware embedded in ads and SIM swapping attacks.

“As for the platform itself, the recent shutdowns affecting Facebook, Instagram and WhatsApp raised some eyebrows regarding a potential successful cyber attack even though Facebook pointed out that the outage was due to a failed technical configuration.”

Would you let your kids use Facebook?

Matthews said: “My kids wouldn’t want to use Facebook! They are much more interested in YouTube and TikTok.

“However, I would always advise them, as with any online platform where you are sharing data and personal information, you should think about setting up security settings, minimising information that you share and could be exploited, only connect with people you know of can verify and have a good password that isn’t reused for other services.”

In truth, this is sound advice for adults, too. The more personal details publicly available on Facebook, or any social platform, the easier it is for scammers to get a picture of who you are. While you may have a strong password, making your email address and phone number visible along with where you live is often all cybercriminals need to make attempts to use your identity.

Fragkoulopoulos added: “On a basic level, parents should be educated and informed of technology risks, such as those associated with social media platforms.

“On a secondary level, they should be able to transfer the knowledge and awareness to their kids by supervising their online activity. So the answer is that it depends, you should think of it as ‘Would you let your kid alone and unsupervised during their first time at a playground?”

What data does Facebook collect and how are we tracked?

You can be tracked on any website that has Facebook integration. Contrary to what many people think, this isn’t just confined to websites and platforms that allow you to use Facebook as your sign-in. Any site that uses a Facebook comments section or even has a “Share on Facebook” button may be able to track you. Even websites that don’t have those may be using Facebook tracking so they can later advertise to you the next time you open up your Facebook app.

While it’s Facebook doing the tracking, websites using any of these features should outline precisely how you’re tracked in their Cookies Policy.

Has Facebook or another website been tracking you without your consent? This could be a breach of GDPR, and you could be entitled to compensation. Contact LawPlus now to discover if you may be entitled to data breach compensation.

David Emm, principal security researcher at Kaspersky, told Trusted Reviews: “Facebook scandals have continued to dominate the headlines over the past couple of years, with incidents of frequent data mismanagement creating widespread criticisms over the failures of major organisations.

“In the modern world, information is power, and with the very nature of its business model, trading data will always be a central aspect of Facebook’s plans.

“However, this must be done in a secure way and with people’s knowledge and consent. After all, whether it’s your interests, images or date of birth, social media apps collect a whole host of personal information – which can have disastrous consequences if it’s misused.”

Bischoff added: “Facebook can track you on any site that has a Facebook plugin or widget, such as a Share button or comments section.

“The Facebook apps can find your location. Biometric info might be stored to identify you in photos. Perhaps somewhat unique to Facebook is its vast knowledge of relationship networks. It knows who you know, who you communicate with, when, and how often.”

Reiterating Bischoff’s warning, Hauk added: “Any information you enter in your profile, answering “quizzes,” the location of your photos, links you click, and much more are all collected by Facebook.

“Any activity on Facebook (and their partnering sites and services), is collected and recorded by Facebook.”

Has Facebook or another website been tracking you without your consent? This could be a breach of GDPR, and you could be entitled to compensation. Contact LawPlus now to discover if you may be entitled to data breach compensation.

What are the best ways for Facebook users to protect themselves?

The consistent message in all advice about protecting yourself on Facebook is to do just that – protect yourself. Limiting what information is available about you, who can see it, and being vigilant around the links you click and content you engage with will significantly reduce the risks of using Facebook.

While you will always be at risk in the event of Facebook itself falling victim to a breach, at least you’d know you’d done all you could to protect yourself.

Echoing this advice, Emm said: “People need to remain vigilant when using Facebook and other social media sites.

“We have all become accustomed to posting information about ourselves on the internet, but we need to control what we really want to make public and what we don’t.”

In conclusion, Hauk said: “Use ad and tracker blockers, and make sure your privacy protections on your mobile device are all turned on.

“iOS 15 offers multiple new ways to control app and website tracking on your iPhone.”

“Avoid clicking on links or answering ‘fun quizzes.’ Two-Factor Authentication should be turned on for Facebook and other sites where it is available.”

Were you affected by a Facebook data breach? You could be entitled to compensation

If your data was compromised due to a Facebook data breach, you could be entitled to compensation.

Contact us now for a free, no-obligation assessment of your case, and we’ll help you understand if you may have grounds for a data breach claim.