Hey Facebook, is it really just about the passwords?

Like millions of others, I received the request from Facebook yesterday to reset my password in response to the report of a major hack. The prompt was a bit different than expected of a password change. Facebook took me through friends I recently added, posts I had made and things I had recently liked. Private interactions I had had with friends and had not made public. This got me thinking. Please feel free to clarify if I do not have all the facts straight so quickly after the breach but…

A data breach like no other?

  1. Access to other social media accounts: When I was told to change my password, there was a specific prompt to change it to something that had never been used before. So if you have linked your account to Facebook then the breach potentially exposed your other passwords and logins which were connected. The fear of having your accounts hacked is a familiar one. To be honest I have clicked ‘Login using your Facebook profile’ too many times. It is hard to tell what has been connected to Facebook to login. How do we find out what accounts are connected and what passwords to change?
  2. Access to my bank account. So next step. Since I run a small business and have tried out Facebook ads 1 time, I have a bank account linked to my account. I removed it following these complicated steps. I guess I will keep an eye on any unusual charges to my account that was linked just in case? Should I cancel the card? We have all been down this road before with a breach and it doesn’t seem to phase us too much anymore.
  3. Access to all my contacts. Somehow over the years, the contacts in my phone are synced to Facebook, I can’t even remember when that happened. It is really convenient at times and I haven’t thought too much about it. Could this be used somehow? I get dozens of phishing phone calls a week, now I get the ‘scam likely’ alert but is there anyway to use those phone numbers or the images to create a stronger phishing scheme I can’t easily identify?

Now here is the big question

What next?

Sometimes we need to step back and ask, ‘what are some problems with rapid changes in science and technology?’ With this current breach, I think we have found an answer. This breach highlights how absurd it is that we as consumers are not in control of our own personal data. We have put trust in companies to protect our privacy but now we are in a time where this just isn’t about bank accounts, this is about everything we hold dear being programmed into social media. What this leaves us vulnerable to is hard to imagine. There is no way to insure against that, no social media version of a credit monitoring system they can enroll us in to compensate. Is there an alternative? Yes. Do we need to just continue to give our data away to big companies in exchange for social interaction and entertainment? No.

Now is the time for a massive change in products that allow us to control our data and make choices about how we share it with others. You may roll your eyes at the term ‘blockchain’ since it has been associated with the boom and fall of Cryptocurrencies. But the term is bigger than that and Blockchain is not just associated with finance. Blockchain is based on the concept of building a self sovereign identity where you control your data and are not dependent on an institution to establish trust. The technologies being developed using blockchain may hold the answer to what we do about the latest breach. In the meantime, I could log off but the damage is already done. We are part of a huge social experiment where the consequences are unknown. Anyone want to teach me how to get a public key fingerprint?

Ed Psych/Educator/Entrepreneur/Mom to a rad daughter. #TraumaInformed founder fighting for a more compassionate, equitable, and innovative world. cogdiv.com