No harm, no foul, lesson learned, you’re data is safe. That’s the message that Facebook gave its users with a recent blog post titled “Protecting People On Facebook”.
Things ended well. Laptops of employees were attacked when they visited an app developer site with malicious code on it which triggered a zero-day java exploit. Forensic investigation showed that nothing crucial fell into the wrong hands and no user data was compromised. It was the best possible ending for a hacking, particularly of a company that is so entrusted with private user information. The social network requires real data and must be trustworthy in the minds of those supplying.
So far, so good.
This is the best case scenario for Facebook, even better than had they not been hacked at all. It puts employees on alert, something that must be constantly reinforced for the sake of natural human complacency in a company with such a vast footprint. It lets the users know that there are always risks but that the company is on top of them. It lets hackers know that it’s even more challenging than they had originally thought to capture the data and that the easiest path is through the users, in which case it’s their fault that they didn’t have a strong enough password.
This was a good hacking for Facebook. It was a necessary one. It only takes a single major slip for the public company to suddenly become a risk. That’s something that the company could never afford if it wants to continue its path towards knowing as much about everyone as they’re willing (or unwilling) to give.
* * *
“Hacker” image courtesy of Shutterstock.