The Ultimate Guide to the Facebook Breach 

Facebook’s origin story begins with a Harvard psychology and computer science student, Mark Zuckerberg. With the intention of connecting students across campus, Zuckerberg built the website “Thefacebook.” Launched in February of 2004, the website allowed users to create a profile featuring their photos and information. Originally built for Harvard students, the social media site expanded to include other Boston universities and eventually spread to include all American universities. In 2005, “Thefacebook” was renamed to Facebook and it had over a million members. Today, Facebook has become an integral part of our everyday life. Over a billion people use the site to share photos, information, products, and games with their friends and families. However, much like other companies, Facebook is vulnerable to information breaches.  In fact, it is the newest victim in the breaching trend that is plaguing the business world.  

The breach began in 2013. Aleksandr Kogan, a researcher for Cambridge University, created the personality quiz, “This Is Your Digital Life.” About 270,000 people downloaded the app and chose to sign-in with their Facebook account. This allowed the app to access the person’s Facebook information and their friend’s information, which included birthdays, political views, likes, locations, photos, relationships, work and education history, and much more. Over 87 million people had their information accessed without their knowledge or consent. 

The app was able to access people’s information because of Facebook’s lax security and privacy settings. Up until 2015, Facebook allowed third-party developers to access the information of Facebook users so long as the person gave the developers their permission. Therefore, if a person created an account with an app using their Facebook credentials, the company would be able to not only access a person’s Facebook information, but also their friend’s data. This crucial information could help marketers create a more enticing ad or product tailored to a person. Facebook even allowed its information to be stored on the developers’ database.  

Upon learning that Kogan shared the information he gathered from Facebook users with Cambridge Analytica, a data mining and analysis company, Facebook banned his app from the website. Additionally, Facebook demanded that both Kogan and Cambridge Analytica destroy all information from Facebook users. Even though Facebook did receive confirmation that all data had been deleted, it was later revealed that this was not true. Facebook proceeded to ban Cambridge Analytica from all its services and launched an investigation of the company. 

In an effort to better protect users from possible data breaches, Facebook has instated new standards and procedures. Initially, Facebook will examine other apps that access a large amount of data. Apps with suspicious activity will be audited and, if the developer does not agree to be investigated, banned. Additionally, user information will be more restricted from developers. If a person has not used an app within three months, Facebook will remove the developers’ access to that user’s data. The information available to developers will be limited to a person’s name, profile picture, and email. Developers will also have to receive permission from a user, and sign a contract with Facebook, to obtain posts or private data. Finally, Facebook will add a tool at the top of the news feed that reveals which apps can access a person’s data. A person can also remove an app’s permission to their data using the tool.  

Even with the extra protection Facebook is establishing, users can also take steps to better protect their information. First, begin by limiting who can view your posts. In the General Settings area, under Privacy, a user can limit who can see future posts. This can be set to Public, which includes everyone, friends, or friends except, which allows only specific friends to view a post. Facebook also allows people to search for a user with a phone number or email address. These can also be set to friends, everyone, or friends of friends. Additionally, a user can also control posts they are tagged in from appearing in their timeline by enabling the “Review posts you’re tagged in before the post appears on your timeline” setting. These protection methods would not have stopped the Cambridge breach, however, as people, or their friends, willingly gave the company access to their information. Nevertheless, these new privacy settings will help stop the spread of information in the future.   

From humble beginnings in a Harvard dorm room to a multi-billion-dollar company, Facebook has become the latest social media site to experience a massive information breach. It is unknown how this will affect users in the coming years, however, Facebook has taken steps to protect personal data and to prevent this catastrophe from occurring in the future.  



Author: Emily Cieslewicz 




Phillips, Sarah. “A Brief History of Facebook.” The Guardian, Guardian News and Media, 25 July 2007, 

Chaykowski, Kathleen. “Mark Zuckerberg Addresses ‘Breach of Trust’ In Facebook User Data Crisis.” Forbes, Forbes Magazine, 21 Mar. 2018, 

Hartmans, Avery. “It’s Impossible to Know Exactly What Data Cambridge Analytica Scraped from Facebook – but Here’s the Kind of Information Apps Could Access in 2014.” Business Insider, BusinessInsider, 22 Mar. 2018, 

WIRED Video Staff. “How to Lock Down Your Facebook Security and Privacy Settings.” Wired, Conde Nast, 13 Mar. 2018, 




Leave a Reply