Facebook plans to ’normalise’ mass data scraping

Facebook plans to ’normalise’ mass data scraping


Facebook has plans to normalise the fact that ’scraping incidents’ happen frequently.

An internal Facebook email that was accidentally sent to Belgium-based Data News, has revealed its ’long-term’ strategy for dealing with the leaking of account details from 533 million users.

Earlier this month, personal data of over 500 million Facebook users were posted online in a hacking forum. Sensitive data such as users’ phone numbers, full names, location and email addresses were exposed.

In the email, Facebook said it expects more ‘scraping’ incidents and plans to release limited statements about the issue. “We expect more scraping incidents and think it’s important to both frame this as a broad industry issue and normalise the fact that this activity happens regularly.” it said.

As a result, it planned to issue limited statements about the issue.

Facebook has confirmed the memo was genuine and told the BBC: “We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it.”

Facebook said the reported leak was back in 2019 and denied wrongdoing, adding that the data was scraped from publicly available information on the site.

So what is data scraping?

In a general form, data scraping refers to a technique in which a computer program extracts data from output generated from another program. It is sometimes linked to web scraping, which is the process of using an application to extract valuable information from a website.

Data can be scraped for it be downloaded and reused for unauthorized purposes. Social media sites, airline companies, e-commerce and digital publications are impacted the most by data scraping and often try their best to mitigate this.

With contact scraping, the actor is able to aggregate contact details for bulk mailing lists, spam calls or do far worse and use the information for malicious social engineering attempts.


Source link