How much is your personal information worth?
How about a data set consisting of over 1 million individual’s personal information complete with their full legal name, personal E-mail address, and URL to their Facebook account as confirmation?
According to one ‘mystery’ company that recently sold 1 million Facebook users’ personal information to a very surprised blogger, not very much at all. About $5, to be specific.
It all started when one blogger, a self-proclaimed seeker of ‘cheap’ deals that pertain to potentially useful or interesting subjects, stumbled across an offer for ’1 million Facebook accounts’ for $5. Skeptical but willing to try it out, the blogger purchased the list to be met with much surprise when he actually personally identified many of the users on the list to be people he actually knew personally.
Complete with their personal E-mail address (which Facebook is supposed to keep ‘hidden’), full names, and a link to their page to verify, this blogger had stumbled across a major corporation’s dream come true.
According to the description from the seller of the list, the information was collected through Facebook applications and even checked monthly to ensure validity.
The description stated:
After purchasing the list and being amazed at its legitimacy, the IT blogger detailing the event along with screenshots and a surprising follow-up.
Using his personal E-mail provided when signing up for his Facebook account, Facebook’s ‘policy’ team member sent him an E-mail asking him to set up a call with the company.
During the call, things got very concerning.
Facebook Rep - Send Us the File, Delete it, and Tell No One
Starting off with a warning to the blogger that the phone call was being recorded, the unnamed Facebook rep told the blogger to send them the file of the 1 million users’ information, delete it, and delete all traces of its mentioning off of his blog.
Not agreeing to censor the information, the blogger posted the quote from the phone conversation on his website:
Proceeding to ask whether or not the rep would fill him in on what would be done by the company, the rep said that it was an internal issue and that he would not be allowed to know the result.
How Safe is Your Personal Information?
It has been known for years that Facebook’s very own terms of service allows for blatant privacy intrusions, and the company has been even caught syncing up with major third party corporations to track you online and offline.
What has not been seen, however, is an event of this caliber taking place involving the average consumer. No longer are the days where major corporations were forced to buy your personal information and habits through terms of service changes and large volumes of cash.
Now, almost anyone can go online and buy 1 million E-mails, names, and Facebook URLs for a total of $5. In other words, you could purchase tens of millions of E-mails to spam or otherwise for a very inexpensive amount.
What’s more is that criminals could also purchase this database for further malicious reasons.
It’s no wonder that Facebook refuses to discuss the matter in any capacity, demanding that the blogger remove all content on the subject and pretend that it never happened.
If you absolutely cannot delete your Facebook, you can at least stop using apps on the platform that are known to be siphoning your personal information.
Also be sure to use a Facebook specific ‘dummy’ E-mail when signing up and choose a nickname or alternative name that is not the same as your full legal name.
A Sandwich, Essentially
from Uproxx Website
Five bucks can get you many things. A fast food meal. A couple of candy bars. A beer if it’s not a tiny microbrew or Belgian or something.
Roughly 100 words written by yours truly (just don’t expect the Gettysburg address or anything). Oh, and also 1.1 million Facebook user IDs, emails, and names.
Here’s what happened, and why it’s annoying or scary, depending on your perspective.
Bogomil Shopov, a digital rights activist and blogger, decided to see how easy it was to get Facebook contact information.
It turns out it was as simple as finding some random guy on an Internet message board, who had this description posted:
Facebook is currently calling this a “breach,” a breach they’re taking so seriously they called Shopov, demanded that he send them the data and delete it, and then take down his post about how sloppy they are with user data.
Apparently the conversation he had was magical and super-secret, and someday somebody is going to have to explain to legal interns that saying “This communication is confidential” doesn’t make it so.
It’s not really clear what Facebook can do, though. Apps are allowed to collect this information, and presumably users have agreed to share their data.
But it’s nice to see them pretending to care.
- A Measly $5... -
by Sheniz Raif
The majority of us are painfully aware that companies are persistently mining our personal data in their relentless quest to make a profit from it. You would think that something like your Facebook presence (& email address) would be particularly valuable, but what value you would you put on it?
I’m not a number crunching type, maths was never my strong point but I’d guess a buck or two, maybe less, maybe $0.50 - surely it can’t be less than that though, can it?
Well according to Czech IT Consultant Bogo Shopov it is considerably less than that! He claims to have paid just $5 for a spreadsheet containing ONE MILLION links to valid Facebook accounts which included the users’ real names and their email addresses!
That works out at just $0.000005 each if you are willing to buy in bulk, which all of the companies who go digging for your data like to do!
In his blog, Shopov said that he came across the unbelievable find whilst scouring the internet for bargains, he said: “I have the bloody habit to look for cheap deals on some websites.”
This particular find turned up on Gigbucks.com - a site where individuals offer various different data mining services and according to the Daily Dot, the offer of 1million users’ info for $5 is still on there!!
Shopov then took a screenshot of a page from the document and the Daily Dot verified that at least some of the accounts listed there were valid (according to SEC Filing - Facebook has 83 million fake accounts).
Then things get really interesting, Shopov claims to have been emailed by Facebook’s Platform Policy Team requesting his phone number. They contacted the IT Consultant and demanded details of his purchase. Then they told him to delete his blog post about the incident and not tell anyone about the conversation.
How very cloak-and-dagger!
The Daily Dot has stated that Facebook has not yet responded to their request for an official comment on this sensational story!