Facebook was left red-faced earlier this month after the social network giant suffered a data protection mishap during a cybersecurity conference hosted in London, according to reports.
The blunder occurred when Facebook misplaced an email list of the summit’s participants.
Financial News London reports:
The privacy breach was not at any old seminar though, it happened at an event entitled “Cyber security: the next 50 years”, which was hosted by Facebook and The Fulbright Commission, the US-UK scholarship programme, at their offices in Brock Street.
The panel discussion was headed by Gail Kent, Facebook’s global public policy lead on security. Fulbright scholars and security experts Jamie Collier, Cameron Colquhoun and Karen Renaud also spoke and the talk was followed by a networking reception.
But the next day guests were shocked to receive an email from Chris Horry, chief operating officer at the Fulbright Commission, which has been forwarded to Capital.
Attendees initially assumed the message was an ironic joke, given the theme of the event, and wondered whether a Facebook employee had grabbed the guest list in view of the company’s track record on this issue.
“Unfortunately, I have to inform you that in the course of yesterday evening’s cyber security event, a printed guest list with the name of the invitee and email address has been mislaid,” an email via Horry to participants read. “Whilst we do not expect that the list has been misappropriated, we cannot exclude that possibility. Please rest assured we very much value your data privacy and sincerely apologise for this unfortunate incident.”
The screw-up comes after the Irish Data Protection Commission announced it would launch an investigation into Facebook over a recent data breach that allowed access to 90 million accounts worldwide.
The privacy watchdog said it will look into whether the social media giant complied with European regulations covering data protection that went into effect earlier this year. Further, the commission said in a statement that it would examine whether Facebook put in place “appropriate technical and organizational measures to ensure the security and safeguarding of the personal data it processes.” The commission previously revealed the number of E.U. accounts potentially affected numbered less than 5 million. Ireland, which is Facebook’s lead privacy regulator for Europe, is moving swiftly to investigate the Silicon Valley behemoth since the breach became public on September 28.
“Since discovering the data breach, the company reset the digital access codes of the nearly 50 million accounts affected. It’s also, as a precaution, resetting that information for another 40 million accounts, meaning about 90 million people will need to go through a formal log-in process with Facebook now,” Politico reports.
“We patched the issue last night and are taking precautionary measures for those who might have been affected,” Facebook CEO Mark Zuckerberg told reporters. “In the interest of transparency, we want to share everything we know now.”
European Union lawmakers appear set this month to demand audits of Facebook by Europe’s cybersecurity agency and data protection authority in the wake of the Cambridge Analytica scandal. A draft resolution submitted last Thursday to the E.U. Parliament’s civil liberties and justice committee urged Facebook to accept “a full and independent audit of its platform investigating data protection and security of personal data.”
The committee aims to adopt the resolution, which will almost certainly be modified, by October 10 and put it to the full assembly for endorsement in late October, well ahead of E.U. elections next May. The resolution also urges European justice authorities to investigate any alleged “misuse of the online political space by foreign forces,” and calls on the E.U.’s executive Commission to propose ways to boost the powers of Europe’s public prosecutor’s office so it can tackle crimes against electoral infrastructure.
The Associated Press contributed to this report.