Stolen Facebook Employees’ Data Incident Questions Company's Capability Handling Users' Data
KEY POINTS
- Banking information of Facebook employees was stolen through a car break-in
- Unencrypted hard drives contain Facebook employees' bank accounts, names, last four digits of social security numbers, and more
- The incident questions Facebook's level of caution particularly in handling personal data of its users
Banking information of 29,000 Facebook employees stored on unencrypted hard drives was stolen via car break-in of a payroll worker of the company. The hard drives contained data on thousands of US workers who worked with Facebook in 2018. Compromised data includes employee names, bank account numbers, salaries, bonuses, equity details, as well as the last four digits of the employees’ social security numbers.
Facebook shared that it has already sent emails last Friday morning to its staff, informing them of the incident. While it is true that the stolen hard drives do not contain any Facebook user’s data, the incident raises questions on how the social networking site handles the personal data of its users, which appears low given its history of scandals associated with user privacy. Interestingly, Facebook did not inform the employees whose names were compromised from the theft until nearly a month after the incident occurred.
An internal email disclosed that Facebook only realized that the hard drives containing employees’ data were stolen on Nov. 20, three days after the incident took place. The company confirmed that the stolen hard drives contained employees’ data on Nov. 29. At present, the social networking site is cooperating with police to recover the hard drives while providing employees with a two-year subscription to identity theft protection service, reports The Verge.
There is no evidence of abuse, and we believe that the incident was a smash and grab crime instead of an attempt to steal data of Facebook employees, said the company’s spokesperson in a statement to Bloomberg. It is not clear why the hard drives are in the position of the Facebook employee or why it was being transported, considering that employees are not allowed to take those out of the office. It is also alarming to learn that the hard drives containing employees’ data are unencrypted, considering the level of theft in the Bay Area where Facebook employees work and live.
All we know is that the social networking giant has made the necessary disciplinary action for the employee involved in the incident.
© Copyright IBTimes 2024. All rights reserved.