Facebook faces £1.25bn fine after hack – less than 3% of billionaire Mark Zuckerberg’s fortune
Slippery Zuck appears to have gotten away with it again...
FACEBOOK faces a maximum fine of just $1.63billion (£1.25billion) after a major security blunder left 50million accounts exposed to hackers.
But the paltry sum is less than 3% of CEO Mark Zuckerberg's own net worth – meaning the billionaire will hardly notice the Facebook hack penalty.
Last Friday, Facebook revealed that three bugs in its website code had been exploited by hackers.
The bugs allowed hackers to not only log into 50million Facebook accounts – but also log into any services linked to Facebook, like Spotify, Tinder or Instagram.
The EU's new GDPR regulations mean that giant tech companies can face fairly significant fines for not doing enough to protect your data.
But the maximum amount they can hit a company with is €20million, or 4% of annual turnover – whichever is greater.
In 2017, Zuckerberg's Facebook generated a sizeable $40.653billion (£31.2billion) in revenue globally.
The maximum fine for Facebook, therefore, is $1.63billion (£1.25billion).
That might sound like a lot, but Mark Zuckerberg's own net worth clocks in at $61.5billion (£47.2billion).
So the EU's fine would only be worth roughly 2.6% of slippery Zuck's own fortune.
Facebook hack timeline – when did it all happen?
Here's what you need to know...
- The vulnerability in Facebook's code was the result of three separate bugs
- These were created in July 2017, when Facebook created a new video upload functionality
- On September 16, 2018, Facebook discovered unusual activity, which manifested itself as a "spike in users", according to officials
- Facebook then launched an investigation
- On Tuesday, September 25, Facebook uncovered the attack and found the vulnerability
- On Wednesday, September 26, Facebook notified law enforcement
- On Thursday evening – September 27 – Facebook said it fixed the vulnerability
- On Friday evening – September 28 – Facebook disclosed the vulnerability to the public
Facebook itself is worth significantly more.
The company's market capitalisation currently stands at $474.83billion (£363.9billion).
The market cap is the value of a single Facebook share, multiplied by the total number of Facebook shares in circulation. It gives you a good idea of how much a company is actually worth.
Shockingly, the EU's fine would only be worth 0.03% of Facebook's current total market value.
This means that even if the EU slaps Facebook with the maximum possible fine, it'll barely make a dent on the social media titan.
Facebook has barely even been held to account for an earlier gaffe that allowed developers to harvest information from users' profiles without their permission.
Millions of people were affected in the so-called "Cambridge Analytica breach", named after one of the companies involved in the harvesting.
Mark Zuckerberg was forced to testify in front of US Congress over the security blunder, but the social network largely got off scot-free.
This latest breach is far more serious, however.
A bug introduced into Facebook's website code in June last year allowed hackers to log into anyone's account with ease.
These hackers would have gained access to profile info, photos, videos, posts, private messages and more.
And the hackers would also have been able to log into any accounts linked to Facebook too, like those associated with Instagram or Messenger services.
Fears are now growing over the risk of identity fraud and blackmail, as hackers were given free access to so much information.
Worryingly, it's possible that Facebook may not even receive the maximum possible fine under the EU's GDPR laws.
One of the key regulations forces Facebook to alert EU regulators about a breach within 72 hours of it being discovered.
Ireland's Data Protection Commission appeared to have received notification within this 72-hour period.
That could mean Facebook may receive leniency for being co-operative with the investigation.
Facebook hack – how did this breach happen?
Here's how it worked...
- Facebook's systems were compromised through the 'View As' feature
- 'View As' lets you see your profile as another specific user would see it
- The three bugs related specifically to a re-design of the video uploader tool
- When using 'View As', the video uploader tool shouldn't have shown up at all
- But on specific posts encouraging people to post happy birthday greetings, it did show up
- The second bug was that the video uploader incorrectly used Facebook's single sign-on functionality, and generated an access token for the mobile app
- The third bug was that when the video uploader showed up, the access token was generated not for you as the user, but for the user you were looking up
- This was discovered by attackers, who were able to use this system to look up other users and get further tokens
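The token mix-up described in the list above, modelled as an added example (not Facebook's code and not part of the original article). The class, function names, signing key and user names are all constructed for illustration; it shows the flawed subject choice beside a version that binds the token to the logged-in user and refuses to issue one inside a simulated view.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

SIGNING_KEY = b"constructed-demo-key"  # constructed value, not a real secret


@dataclass(frozen=True)
class RenderContext:
    actor: str                      # user who authenticated this session
    view_as: Optional[str] = None   # user whose viewpoint is simulated, if any

    @property
    def effective_viewer(self) -> str:
        # Identity the page is rendered for; differs from actor in 'View As'.
        return self.view_as or self.actor


def _sign(subject: str, audience: str) -> str:
    body = f"{subject}|{audience}"
    mac = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{mac}"


def token_subject(token: str) -> str:
    # Verify the MAC, then return the user the token speaks for.
    subject, audience, mac = token.split("|")
    expected = _sign(subject, audience).rsplit("|", 1)[1]
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad signature")
    return subject


def issue_token_flawed(ctx: RenderContext, audience: str) -> str:
    # Models the described flaw: the subject comes from the simulated viewer.
    return _sign(ctx.effective_viewer, audience)


def issue_token_hardened(ctx: RenderContext, audience: str) -> str:
    # A simulated view is read-only: no credential is minted inside it, and
    # outside it the subject is always the authenticated actor.
    if ctx.view_as is not None:
        raise PermissionError("token issuance disabled in 'View As' rendering")
    return _sign(ctx.actor, audience)


def uploader_may_render(ctx: RenderContext) -> bool:
    # First bug in the list: the uploader must not appear in a simulated view.
    return ctx.view_as is None
```
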
But although Facebook has co-operated, the DPC is still unhappy with Facebook's actions: "The Data Protection Commission (DPC) has received a preliminary notification from Facebook Ireland.
"However, the notification lacks detail and the DPC is concerned at the fact that this breach was discovered on Tuesday and affects many millions of user accounts but Facebook is unable to clarify the nature of the breach and the risk for users at this point.
"The DPC continues to press Facebook to clarify these matters further as a matter of urgency."