Hard drive leak reveals salary data of 29,000 Facebook employees.
Salary data of 29,000 Facebook employees* have been stolen. The hard drive leak is a new data protection problem for the company
Chris Wojzechowski Geschäftsführender Gesellschafter TL;DR
Salary data, names, social security number fragments, and compensation details of 29,000 Facebook employees were exposed after unencrypted hard drives were stolen from an employee's car. Affected staff were only notified three weeks after the theft. The incident highlights the critical importance of full-disk encryption - with encryption, the physical theft would have caused only material loss rather than a large-scale data breach.
Table of Contents (3 sections)
Another data protection scandal, in the form of a hard drive leak, is shaking the Facebook Group. Salary data is confidential information that you do not want to know in public. But this is what is happening now at the social media group Facebook. But nothing has been hacked. The information lay unencrypted on hard drives of an employee who had been stolen from her car.
Sensitive information on unencrypted hard disks.
In addition to the salary data, the names of those affected were also attached, as were the last four digits of the social security number and information on remuneration. Who has the data, possesses thus also information about the participation of coworkers innen in the enterprise. Any surcharges are also included in the list. A Facebook spokeswoman confirms that the incident is now being investigated. It is not surprising that the employee was not authorized to take the hard disks with her. It is cases like these that show how valuable hard disk encryption can be. But also the fast reporting is decisive for preventive measures. A period of three days is too long, from theft to reporting.
employees inside Facebook were only informed after three weeks.
take precautions, inform the Bank and take other preventive measures - actions that are often only considered when the case arises. But if you have no idea about the theft of data, why take action? Meanwhile, the employees have been informed on Facebook. However, only three weeks after the lack of the hard disks - which have not reappeared yet. Only employees in Facebook are affected by this case. The data of users are not affected. This error has disciplinary consequences for the responsible person - the Facebook spokesperson also confirms this.
Hard drive leak would have been only a material damage due to the encryption
Even if the use of encrypted hard disks entails additional costs and effort: Cases like these show that it can be worthwhile to accept this. They are not always the spectacular break-ins - digital and real. Sometimes it is the theft from the car that affects 29,000 people.
Monthly Threat Report
Chris Wojzechowski bewertet einmal im Monat die aktuelle Bedrohungslage aus Sicht eines Informationssicherheitsexperten. Sein 30-köpfiges Team ist näher an realen Cyberbedrohungen dran als kaum jemand sonst - mit konkreten Handlungsempfehlungen, die Sie am nächsten Morgen umsetzen können.
Bestseller-Autor (Wiley-VCH) · M.Sc. Internet-Sicherheit · Bekannt aus Handelsblatt & WamS
Zuletzt behandelt
1x im Monat · Kein Spam · Jederzeit abbestellbar · Datenschutz
Next Step
Our certified security experts will advise you on the topics covered in this article — free and without obligation.
Free · 30 minutes · No obligation
