Facebook hard disks containing company's payroll information stolen

Bubbajim

Bubbajim

Posts: 736   +694
Staff
What just happened? Usually when we hear the words “Facebook” and “data leak,” it’s about user data being mishandled or exposed. But the latest data theft for the company is a little closer to home, as hard disks containing payroll information for thousands of employees have been stolen during a smash-and-grab car robbery.

Facebook may have taken steps in the last few years to tighten their data control policies, but it seems their best intentions have been foiled by an employee mistake and a spot of bad luck. On Friday morning, Facebook employees received an email from management confirming that unencrypted hard drives containing personal and payroll information had been stolen from a staff member’s car.

According to Bloomberg, the disks contained the data of almost 29,000 people who worked at Facebook during 2018, and included information such as salaries, bonus payments, bank account details and partial social security numbers.

For once, no Facebook user data was compromised.

The company doesn’t believe that staff information was specifically targeted. Instead they believe it was just bad luck that the disks happened to be in the car that was broken into. A spokesperson for Facebook said, “we worked with law enforcement as they investigated a recent car break-in and theft of an employee’s bag containing company equipment with employee payroll information stored on it, we have seen no evidence of abuse and believe this was a smash and grab crime rather than an attempt to steal employee information.”

Unsurprisingly, the unfortunate employee whose car was robbed was not meant to have taken the hard disks out the office. Facebook have confirmed that they have taken “appropriate disciplinary action” though they declined to say what ‘appropriate’ meant exactly.

Perhaps just as worrying for fellow staff members, however, is the timeline of events and Facebook’s sluggishness in communicating with people. The break-in allegedly happened on November 17, and Facebook confirmed a few days later that the disks in question had been taken, but employees were not notified until December 13. That’s almost a month during which the perpetrator could make use of the data.

The email to staff reportedly encouraged employees to inform their banks, and offered affected people a two-year subscription to an identity theft detection scheme.

Permalink to story.

https://www.techspot.com/news/83196-facebook-hard-disks-containing-company-payroll-information-stolen.html

 
Kar·ma
/ˈkärmə/
noun
(in Hinduism and Buddhism) the sum of a person's actions in this and previous states of existence, viewed as deciding their fate in future existences.
INFORMAL
destiny or fate, following as effect from cause.
 
  • Like
Reactions: DaveBG
Aside from the possibility of having your data used against you in a court of law, you have to worry about textbook identity theft.

Smuckerberg will get nothing from me but memes and off-color commentary.
 
  • Like
Reactions: ckm88
NicktheWVAHick said:
Kar·ma
/ˈkärmə/
noun
(in Hinduism and Buddhism) the sum of a person's actions in this and previous states of existence, viewed as deciding their fate in future existences.
INFORMAL
destiny or fate, following as effect from cause.
Click to expand...
Western interpretation is simpler - "Karma is a biyatch".
 
Last edited:
  • Like
Reactions: hahahanoobs
"they declined to say what ‘appropriate’ meant exactly."

F-I-r-e-d. Just say it. Fired.

"offered affected people a two-year subscription to an identity theft detection scheme."

You meant to say LIFETIME subscription.
 
  • Like
Reactions: Yynxs
We’ve had something similar to this happen to my company years ago, and as a response IT Security required that all hard drives handling work data must be encrypted. They’ve also added mandatory annual training of basic tech security principals for all employees. How does Facebook not have a policy like this??
 
For those of you who enjoy conspiracy theories, try this on for size.

The employee wasn't supposed to have the HDDs out of the office.
He, (or she), takes the drives out anyway, and stores then in plain sight.

Most car break ins occur through a smashed window. If this employee was concerned about security, the drives would have been in the trunk. (Although SUVs aren't notorious for having trunks).

An acquaintance of the employee comes and takes the drives. Perhaps a door is "accidentally" left unlocked. That would alleviate the nuisance of an insurance claim for a broken window
 
  • Like
Reactions: ShagnWagn and Yynxs
Plutoisaplanet said:
We’ve had something similar to this happen to my company years ago, and as a response IT Security required that all hard drives handling work data must be encrypted. They’ve also added mandatory annual training of basic tech security principals for all employees. How does Facebook not have a policy like this??
Click to expand...
Perhaps they broke the bank on an overly lavish ad billing department wing, and are still scrimping and saving up for an IT security closet..
 
Last edited:
captaincranky said:
For those of you who enjoy conspiracy theories, try this on for size.
Click to expand...
I think it was a Ukranian Oligarch paying a Biden clan member to entrap a Pelosi progeny with fake Chinese server chip plans steganographically altered with indisputable Steele-clad proof relating how South China Sea servers hidden deep underground in an artificial island tracked illegal payments routed from Putin to Trump using NBA hollow-head bobble figures.
BTJM.
 
  • Like
Reactions: Theinsanegamer and captaincranky
Do they have any explanation as to why this data was even on external drives? Let alone outside the company? And why does it take multiple hard disk(s) to store this data? This was staged.

"offered affected people a two-year subscription to an identity theft detection scheme"

So, this is the default for giving out people's intimate details these days? Gee, thanks. And especially from a company "worth" how many billions? I'm sure people will this will never have an issue again... Where is the payout for the future issues that will inevitably happen? The information out in the wild is worth way more than this.
 
  • Like
Reactions: captaincranky
ShagnWagn said:
Do they have any explanation as to why this data was even on external drives? Let alone outside the company? And why does it take multiple hard disk(s) to store this data? This was staged.

"offered affected people a two-year subscription to an identity theft detection scheme"

So, this is the default for giving out people's intimate details these days? Gee, thanks. And especially from a company "worth" how many billions? I'm sure people will this will never have an issue again... Where is the payout for the future issues that will inevitably happen? The information out in the wild is worth way more than this.
Click to expand...
Hey, look how much information Experian managed to lose, and all they offered was "one free year" of identity protection.

Ironically, as compared to that "largess", it makes Zuckie look positively like a "philanthropist".

"Scheme" is such an ugly word. :eek: I'm sure you meant to say "solution" ..:rolleyes: :facepalm:
 
You must log in or register to reply here.

Similar threads

Cal Jeffrey
Microsoft left a server containing employee credentials exposed to the internet for a month
Replies
3
Views
141
plambert2015
P
midian182
Meta will blur images containing nudity in Instagram messages to under 18s
Replies
6
Views
122
Nobina
Nobina
midian182
US prison system proposes total social media ban for inmates, sparking First Amendment concerns
2
Replies
40
Views
750
trparky
T

Latest posts

Back