tame Times Fresh Approach to local news
Glendower
Glendower

Tag: facebook

14.3 million South Africa Facebook users hit by data leak

VPN provider Surfshark has analysed the recently discovered Facebook data leak containing the data of 533 million users and found that 14,323,766 of the leaked profiles were South African.

South Africa has the tenth highest number of breached accounts overall, the analysis showed, making it one of the countries most severely impacted by the leak.

“In general, the top 10 countries by breaches make up 50% of all the breach cases,” Surfshark stated.

According to NapoleonCat data, South Africa had 17.6 million Facebook users at the time Facebook closed the vulnerability that allowed the data to leak. Over 81% of all South Africans who had a Facebook account in August 2019 may therefore be impacted.

Security expert Alon Gal, the chief technology officer at Hudson Rock, first reported this latest leak via Twitter, revealing that all 533 million records had been posted to the dark web for free.

Gal’s report included screenshots of a list of countries that was posted by the person who leaked the database. This list had a line stating that the leak contained 14.3 million records for “Africa”.

Surfshark’s analysis has now confirmed that the “Africa” line in the leaker’s list was actually South Africa.

Top 20 countries by the number of Facebook profiles affected.

Leak not due to a hack — Facebook

In response to Gal’s post, Facebook’s director of strategic response communications, Liz Bourgeois, said that this was old data that was already reported in 2019.  “We found and fixed this issue in August 2019,” stated Bourgeois.

This explanation has been challenged, with Wired reporting that Facebook never disclosed the vulnerability that resulted in this specific leak.

The security flaw that allowed attackers to get their hands on the names, phone numbers, Facebook IDs, location information, and other sensitive data of millions of users was in Facebook’s contact importer.

“We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019,” Facebook said in an official statement.

“This feature was designed to help people easily find their friends to connect with on our services using their contact lists.”

Facebook said that when it found out how attackers were using this feature in 2019, it made changes to the contact importer.

“In this case, we updated it to prevent malicious actors from using software to imitate our app and upload a large set of phone numbers to see which ones matched Facebook users.”

Facebook said that it is important to understand that attackers obtained this data not through hacking its systems, but by scraping publicly available information from the Facebook platform.

“The information did not include financial information, health information or passwords,” Facebook assured.

What data was leaked from South African accounts

Surfshark said that from the 14,323,766 South African Facebook accounts, 83,938,406 data points were leaked.

The attackers, on average, therefore exposed six types of data per user in South Africa, with specifics varying from user to user, a spokesperson for the company said.

“While the big worry online is about email addresses, this is not the part that should cause the most concern as a comparatively small 0.51% of the South African profiles had their email addresses exposed,” Surfshark stated.

“However, all affected users — 100% — had their phone numbers or Facebook IDs leaked.”

The data set also allows matching names and phone numbers with additional data like location (37,18%) and relationship status (21,41%), Surfshark said.

“That helps to both choose the targets or to make hacking attacks more believable.”

An attacker could use the data exposed in the leak to send SMS (or WhatsApp) phishing attacks to your number, Surfshark said. It could also be used to gather information for SIM swap fraud.

The table below summarises what data each of the South African Facebook profiles in this leak contained.

Leaked data by percentage of South African Facebook profiles affected
Leaked data point Number of profiles Percentage of profiles
Phone number 14,323,568 100%
Facebook ID 14,323,559 100%
First Name 14,290,821 99.77%
Gender 13,773,588 96.16%
Last name 14,296,184 99.81%
Location 5,325,530 37.18%
Employer name 4,465,408 31.17%
Relationship status 3,066,753 21.41%
Email address 72,995 0.51%

How to check if your phone number was leaked

Due to the fact that this leak contains mostly phone numbers rather than email addresses, data breach notification service Have I Been Pwned has added the ability to search its breach and leak database for your phone number.

“There’s been huge interest in the Facebook incident, and I’ve seen near-unprecedented traffic to Have I Been Pwned over the last couple of days,” said the founder of Have I Been Pwned, Troy Hunt.

Hunt said that he never planned to make phone numbers searchable, but the Facebook data leak changed his view.

“There are over 500 million phone numbers, but only a few million email addresses in the Facebook leak,” he said. “This means 99% of people were getting a miss when they should have gotten a hit”.

To see if your number was part of the recent Facebook data leak, you can search for it on the Have I Been Pwned website.

Phone numbers are stored with the country calling code, so South African numbers start with 27.

To search for your number, you must add 27 at front of the number and drop the leading 0. The number 0821234567 will therefore change to 27821234567.

No more Whatsapp without Facebook Privacy Agreement

The often controversial and infamous messaging service WhatsApp has updated its terms and conditions section to include further Facebook integration – including a requirement that app users share data with the company.

The group used an in-app message sent to users this week, in which WhatsApp said that the changes will include:

  • Updates to WhatsApp’s service and how it processes your data;
  • How businesses can use Facebook hosted services to store and manage their WhatsApp chats;
  • How WhatsApp will partner with Facebook to offer integrations across Facebook Company products.

WhatsApp said that these changes will officially come into effect from 8 February, 2021. After this date, any user who has not agreed to the new terms will no longer be able to use the messaging service.

ArsTechnica reports that some of the data that WhatsApp collects includes:

  • User phone numbers;
  • Other people’s phone numbers stored in address books;
  • Profile names;
  • Profile pictures;
  • Status message including when a user was last online;
  • Diagnostic data collected from app logs.

Under the new terms, Facebook reserves the right to share collected data with its family of companies.

In 2014 Facebook acquired WhatsApp for $19 billion. The company was founded by Jan Koum and Brian Acton who had previously spent 20 years combined at Yahoo.

More than two billion people in over 180 countries use WhatsApp, which is currently available as a free download.

Crime News: A Facebook post leads to the arrest of a suspect 6 years after Christine Robinson’s murder

On the sixth anniversary of the brutal rape and murder of British national Christine Robinson in Limpopo, a Facebook post appealing for public assistance to find her suspected killer, led to his arrest.

Robinson, 59, a retired teacher who owned a game lodge, was allegedly attacked by her gardener and general worker Andrew Ndlovu, on July 30, 2014.

According to the Facebook post, Ndlovu had returned to South Africa several times after he fled to Zimbabwe following the attack.

Robinson’s niece Lehanne Sergison, who lives in London, with the help of South African independent crime expert Ian Cameron, never stopped searching for her aunt’s killer.

Cameron, who visited the scene a few days after the murder and usually speaks to Sergison around the anniversary of her aunt’s death, said this year, on July 30, he called her in London and asked for any recent information and pictures she had on the case.

Wanting to get more clarity on the case and to apply some pressure for the crime to be resolved, Cameron posted the information on Facebook.

“Interpol did not do much. The South African Police Services on the ground at the time of the investigation were fantastic, but after that the case just died. The British government also seemed not to have done much,” said Cameron.

Six hours after the pictures were posted, Cameron received a tip-off.

“A few hours later someone contacted me and said ‘please call me, I know where this man is’. I then followed up the lead and true as Bob it was him, and we then arrested him.”

Cameron said Ndlovu was transported to Thabazimbi, Limpopo, the next day, where he appeared in court.

“I am glad that we have been able to assist Christine’s family to have some form of closure. The law must now take its course for justice to finally be served.”

Cameron believes that while the case is still ongoing, the family now feel that some form of justice was starting to be served.

“You can imagine waiting, day after day, year after year, and not getting any form of positive feedback, and the impact that might have on you,” he said.

Sergison said she never thought the day of the alleged killer’s arrest would come.

“All the emotions came back like the day I found out Christine was murdered. I’m still apprehensive, there is still a long way to go.”

She said after her aunt died, she read a quote by Lois McMaster Bujold: “The dead cannot cry out for justice; it is a duty of the living to do so for them,” which motivated her to seek justice.

“I believe in this and felt I had to do everything I could to try to get justice,” she said.

Sergison said she loved Robinson dearly and described her aunt as a kind, humble and genuine woman who always saw the good in people.

“She was an adventurer but also a widow of 59. She was loved by many people all over the world. Teaching was in her DNA. Yet someone abused her dignity, attacked her and stole her future.

“There will never be closure, his arrest will not erase what has happened or bring back Christine and, if he is guilty, he should pay for his crime.

“His future lies with the judiciary. I cannot influence the outcome, I can only hope that justice prevails,” said Sergison.

Her advice to others who are still seeking justice is: “Never give up hope, people always let their guard down. Always fight, we have an obligation as per Bujold’s quote.”

She thanked Cameron, among others, for all he had done and would “forever be indebted to him”.

She described the person who alerted them to Ndlovu’s whereabouts as brave and a great credit to SA.

Limpopo National Prosecuting Authority spokesperson Mashudu Malabi-Dzhangi confirmed that Ndlovu had been arrested in Brixton, Johannesburg, on suspicion of murder.

Malabi-Dzhangi said Ndlovu made his first court appearance on July 30 and was scheduled to appear last Thursday for a bail hearing. “Through his defence (Legal Aid), the accused abandoned bail,” she said.

The case was adjourned to October for further investigation and Ndlovu was remanded in custody.

Source: The Mercury

Crime News: Joburg teen sues Facebook for name of Insta stalker who threatened rape & murder

A terrified teenager has had to turn to the high court to force Facebook to reveal the identity of an anonymous poster who threatened her with rape, gang rape and murder, TimesLive reported.

In the matter, which will be argued in the Johannesburg high court on Tuesday, the 13-year-old pupil’s lawyers say Facebook Inc (which owns the Instagram platform) had played a callous game of cat and mouse with her.

“The game itself is odious because the applicant is not a ‘cat’ and Facebook is certainly not a ‘mouse’.

“It is one of the largest, richest and most powerful corporations in the world. The applicant, on the other hand, is a 13-year-old girl who simply wants to protect herself from the most horrific harm imaginable.

“She ought never to have had to face the hurdles that Facebook’s impenetrable fortress put in her way.”

The graphic messages were posted on her Instagram platform over five days in May this year.

Since then, the teenager says in her court papers, she has been too scared to return to school, she is too afraid to be left alone at home and struggles to eat or sleep.

She believes that the poster – who opened and closed Instagram accounts over five days  using different names with the variation of the word “killer” – is someone who knows her because he, or she, made reference to pupils in her class.

Her parents engaged the help of social media lawyer Emma Sadleir in an attempt to persuade the police to take action and to enlist the co-operation of Facebook.

But it came to nothing. They were told that a subpoena could take six months to process.

They then attempted to engage with Facebook directly, with no response. Local lawyers, who acted for the company in the past, refused to accept service of any legal documents.

No-one would give them an e-mail address of their legal department.

Faced with this “impenetrable fortress”, they approached the high court at the end of June, securing an order for “substituted service” and had to hire a lawyer in the US to drive to Sacramento, California, to serve the papers by hand.

Initially, Facebook Inc said it would oppose her application for the release of the subscriber’s details. But it then changed tack, saying it would abide by the decision of the court.

In written argument, the teenager’s lawyers say she is a victim of crime and without the information she seeks, she faces a real prospect of further harm and physical violence.

Instead of treating her with the respect she deserves, she had been forced to jump through expensive, and traumatic, hoops.

Shutdown

Facebook Group is growing with 50,000 members a day

Shut SA Down was formed on the 20th February 2020 and has grown from zero to over 100, 000 members, and it is not slowing down.

Morne Swart, which formed this group, has only one focus and this is to unify South Africans by making their voices heard.

Swart wants South Africa to know, that “Shut SA Down” is not based on hate but rather productive action.

 

“This is not a hate group. We have one and only one purpose to bring South Africa to a standstill until we the public are heard. We are tired of the violence, rape and murder in our country. This group will only discuss protest action. And we will protest by shutting SA down. No work, no school, nothing. Our children are more important than a days work. Let’s shut SA down. And if they don’t listen, we will shut South Africa down for two days, and then three days. We are tired South Africa. The time is now.”

 

In the past couple of weeks South Africans have started important conversations about the state of the nation on various Facebook pages. Some are good, some are bad, but South Africa has a common goal, by making South Africa better.

 

Here are some other Facebook groups everyone is talking about.

 

#SouthAfricaThroughALens

This group is all about YOUR “ POSITIVE” perspective through either the lens of your phone or camera. Negative posts are not tolerated. Let’s show the world what we in SA are surrounded by relating to beauty!!

 

#ImStayingToo

“This is a group for South Africans from all walks of life who want to contribute to creating a society where everyone is equal and respected. Feel free to discuss anything you like. We are not the thought police. If you are racist, homophobe, misogynist, and believe in holding hands and singing Kumbaya while pretending everything is great, then you should go to the other group. This is an Inclusive group, so post will not require approval.”

 

Conversations For A Just South Africa

“While we love the idea of positivity is needed for social cohesion, we also acknowledge that some difficult and painful conversations need to happen for meaningful change to occur. This is a collaborative space for social learning to occur. We are unapologetically, Intersectional, antiracist, and egalitarian. All faiths welcome, but we are secular.”

 

Source: Goodguythings

About Tame Times

Tame Communications (known as tameTIMES) was established in 1997. This long-established popular community title includes the key shopping centres:  Alberton City, Mall...

Get in Touch