Facebook is suing a pair of Ukrainian men for allegedly using quiz and test apps to gain access to private user data and friends lists, according to a federal lawsuit filed by the social network on Friday.
"In total, the defendants compromised approximately 63,000 browsers used by Facebook users and caused over $75,000 in damages to Facebook", the company claims in its civil complaint, citing the cost of rooting out the activity. However, they would then direct users to install web browser extensions that gave the hackers access to users' Facebook (and other social media) accounts.
The quizzes, with titles such as "What does your eye colour say about you?" and "Do people love you for your intelligence or your beauty?", gained access to this information via the Facebook Login system - which enables connections between third party apps and Facebook profiles. This extension then lifted data ranging from names and profile pictures to private lists of friends, photos, relationship status, and even email addresses and phone numbers. The quizzes often featured such headlines as: "What kind of dog are you according to your zodiac sign?", according to CNN.
Andrew Dwyer, a cyber security expert at the University of Oxford, said the court document suggested users who installed the browser extensions had "effectively opened up entry into their Facebook accounts".
Compromise could win over GOP senators opposing Trump order
That has been "helpful", said Lankford, who added that he plans to oppose the disapproval measure. It is very simply Border Security/No Crime - Should not be thought of any other way .
Once users connected their Facebook and other social media accounts they were asked to install what Facebook described as "malicious browser extensions" that essentially allowed the alleged hackers to pose as the affected users online.
Facebook notes that it publicly announced the compromise around October 31st, which roughly matches the date of a BBC report revealing the private message breach, quoting Facebook blaming malicious browser extensions.
If this scenario sounds in any way familiar that's because Cambridge Analytica came under fire for similar practices in 2018 when it was discovered the company accessed tens of millions of Facebook user profiles after quizzes were taken by unsuspecting users. Last year, the BBC questioned whether Facebook had been proactive enough in addressing the malicious plugins. In both cases, the defendants are overseas and seem unlikely to suffer serious consequences.