If a hacker got to your account, what secrets would be exposed?

By Keith Pereña

A couple of years ago, I deleted (not deactivated) my Facebook account. Deleting a Facebook account is complicated. Unlike deactivating, deleting removes your account and erases your FB information. It even offers users the ability to get a copy of everything they have ever posted online. I used this feature to retrieve five years’ worth of personal information. Now, those five years of my life are not in FB’s hands but in a thumb drive in my keyring.

That was two years before the attack that shook Facebook last month – 50 million accounts hacked. It’s tempting to posit that intuition played a role in my decision to go offline. But there is no way I could have known Facebook would get hacked. Now, the social media giant has been embroiled in one controversy after another — Russian bots, Cambridge Analytica, and now millions of accounts that can be bought on the Dark Web for $4 a pop.

The recent controversy made me wonder: what would hackers see had I been part of the 50 million users affected? My original Facebook account functioned as a ‘virtual diary’ (That’s what you get when you introduce an angsty emo teen to social media).

Hackers would see my internal battles with depression and how I hinged a lot on the validation of others. They would see breakups, breakdowns and how a young man from Manila got through it.

Tarek Hakim, a former Dubai-expat studying in Ukraine was one of the 50 million Facebook users who were directly affected by the hack. “It happened on a Friday while I was logged out of the [Facebook] app and Messenger. I received an alert from FB that I was one of the 50 million users that ‘may have been hacked’. I immediately changed my password.”

Tarek fears his account might have been used to send inappropriate messages to family and friends. “I also worry about my credit card information being stolen since I saved it.”

Some users connect their credit card to Facebook in order to boost posts on pages they manage. Many bloggers use this to attract users and get them to engage with their content. One such blogger, Joy Caasi of thethrifttrip.com told me, “I use my credit card to run campaigns on Facebook and Instagram to reach a bigger audience. If they get access to my ads manager, they can get my card details. What’s worse is they can make use of my Facebook account to run ads or campaigns that are against the UAE National Media Council’s (NMC) guidelines.”

The Facebook hack is not just about one website. Apps that allow connection to the social media giant such as FB-owned Instagram are also at risk. According to Mashable, if users have their Instagram account tied to Instagram via their “Log in With Facebook” feature, hackers could also gain access to their Instagram.

Online security website KrebsOnSecurity wrote that every third-party service that lets you log in with Facebook is vulnerable. “Tens of thousands of websites let users log in using nothing more than their Facebook profile credentials.” In other words, apps such as Uber and more could be within arm’s reach of hackers.

Rosan Reodica-Juan, account manager for Room-Five Creative Facility in Dubai shares the same fears of hackers gaining insight into her personal life. “What I fear most is they see my conversations with my ex-lovers. If my account was hacked, I would be hacked for the drama!” she laughs, possibly overstating her husband’s reaction.

All this talk of hacking reminded me of WhatsApp founder Brian Acton’s tweet earlier this year. Last May, Acton tweeted out the words “It is time. #deletefacebook” [sic]. He tweeted that out in the midst of the Cambridge Analytica scandal that rocked FB. Maybe it is time to delete Facebook. The site has become crowded – from Russian bots, to Trump/Duterte supporters spewing vitriol. It connected us to people we know and love, but it also sheltered and provided opportunity to those with ill intent.


Keith is no tech expert but he doesn’t like folks snooping around his FB page

Leave a Reply

Your email address will not be published. Required fields are marked *