[ad_1]
Facebook CEO Mark Zuckerberg.
David Ramos / Getty; Skye Gould / Business Insider
- WhatsApp was hacked, revealing a "serious security vulnerability," reported for the first time Monday by the Financial Times.
- More than 12 hours after the start of the story, Facebook has neither published any blog about it nor directly warned users that WhatsApp needs to be updated.
- This is reminiscent of Facebook's catastrophic reaction to the Cambridge Analytica data breach, when CEO Mark Zuckerberg was not seen until five days ago.
- The WhatsApp hack shows that your data is always vulnerable to bad actors. And Facebook is always slow to talk to its users when bad things happen to this data.
- Visit BusinessInsider.co.za for more stories.
"Simple, secure staff."
That's the slogan that sits next to WhatsApp on the PlayStore. But in the last 24 hours, the last word of this promotional message has been challenged by sophisticated hacking.
A simple missed call on WhatsApp from a bad actor using software created by NSO, a company that creates surveillance products for repressive governments, could have exposed your phone to spyware that collected information such as your private messages and your location data.
It has been described as a "serious security vulnerability" by the Irish Data Protection Commission – and will require further investigation to establish if any of the 1.5 billion users of WhatsApp has been impacted .
Read also: WhatsApp users are invited to update the application immediately after hacking – here's how to protect yourself
Now, one would think that in Facebook's new era of transparency, the company would strive to inform users of the attack and how to protect themselves. Not enough.
Facebook is aware of hacking since the beginning of May. And while it is reasonable to address the vulnerability before revealing it to the world, the company seemed ill-prepared to be made public.
The Financial Times told us about the hacking, a few days after Facebook began offering a fix for the problem to users of iPhone, Android and Windows phones. The update, incidentally, does not mention anything about security.
"It's now easier to start voice and group video calls. Just press the group call button or select" New Group Call "when you start a new call in the call tabs Group calls support up to 4 participants, "he says on Android.
Facebook has provided the British newspaper and others, including Business Insider, with a statement acknowledging the incident and urging users to update WhatsApp. There is also an opaque security message on Facebook.
But where is the direct notification sent to WhatsApp users to tell them that their data may have been compromised? Where is the direct prompt to update the application? Where is the blog article describing the problem? Where is the advice to worried users?
If you had not seen the information, you would still be in the dark and theoretically vulnerable to the attacks of bad actors planning a smash and a data entry.
And I'm not the only one to have noticed Facebook's wall of silence when it's about directly informing its users of the problem. "We believe that WhatsApp needs to be much more transparent," said a spokesperson for Privacy International. "We have not seen any notification on the application itself that would inform users of both the bug and the fix."
I asked Facebook why he did not communicate the problem directly to the users. This did not answer my question.
This is reminiscent of Facebook's catastrophic reaction to the Cambridge Analytica data breach last year, when CEO Mark Zuckerberg had not been seen before five days. During the tour of apology that followed, he repeated platitudes regarding openness and transparency, and there is no doubt that Facebook has improved.
But not saying a word to users about serious hacking more than 12 hours after entering the public domain shows that Facebook has still not fully learned the lessons from its past mistakes.
And even worse, this is at the heart of Zuckerberg's vision for his company. WhatsApp is the centerpiece of its strategy to make Facebook a more private place by implementing end-to-end encryption.
But the WhatsApp hack shows that your data is still vulnerable in the hands of Facebook. And Facebook still hesitates to be clear when bad data arrives at this data.
Receive a single WhatsApp each morning with all our latest news: click here.
Also by Business Insider South Africa:
[ad_2]
Source link