Just recently, I came across the movie “Snowden” whilst on a flight to Tokyo. Based on a true story, it depicted how Edward Snowden had leaked classified government documents which consisted of many global surveillance programs. People realized that they were being “spyed on” by the government constantly and this brought up controversy about mass surveillance and highlighted the issue of data privacy.
With the advent of Web 2.0, consumers are now “prosumers” – on top of consuming, they can now produce information as well. At the same time, social media sites were introduced to the Internet. People could utilize these platforms to share information and ideas. They could share anything and everything yet most did not consider the repercussions this freedom could entail.
So how can your data be compromised?
First of all, many know that data breach can be attributed to hackers. These people utilize bugs and exploits to break into fortified networks or systems. Then with the data they have obtained from the sites they have hacked, the hackers either choose to use it for good (i.e. exploit corrupt corporations) or for bad (i.e. misuse data of others). Most of the time though, they hack for their own benefit, meaning the data collected will be used unethically.
Secondly, and less commonly known, data breach can be due to internal factors. This means that someone within the organization had intentionally or unintentionally leaked the private data. By unintentionally, I meant that a worker in the organisation could have been careless when handling the data, or had accidentally download dubious content online hence allowed viruses to infiltrate their system database.
By intentionally, I meant that the organisation itself had the intention of spreading personal data or that an individual in the organisation had leaked data to sabotage the company. Ever thought what happens to your data after you checked “I agree” to the terms and conditions of the organisation? Most people do not actually think twice or even read through the lengthy T&C. They often end up giving organisations the go ahead to use and share their personal data. For instance, Telco companies have been reported to sell their subscribers’ phone numbers to several other companies. Now you know why you keep receiving random texts or calls even when you didn’t give them your number.
In 2016, Yahoo had revealed about a data breach issue that they experienced once in 2014 and another in 2013. The former affected around 500 million users whereas the latter affected 1 billion users. Data in the form of names, email addresses, phone numbers, date of births and passwords were leaked. Hackers could access many accounts without having the password to it.
In 2012, Facebook had allegedly exposed the phone numbers and email addresses of 6 million users. This happened when users used the “Download Your Information” tool but received information other than their own. This apparently went on for a year – imagine how many trunks of data would have been leaked?!
So from this we have see that one’s data is extremely vulnerable once it is out in the Internet. With the increasing reliance on the Internet and Social Media, it is hard for anyone to prevent their data from going online. What we can do is to be more careful about the material we upload and practice vigilance all the time.