Facebook’s parent company Meta has revealed that anybody who exposes the scraping of Facebook user data that has been harvested covertly by unscrupulous parties will be paid. In addition, the business will pay the identification of faults that result in data collection in the first place, which is pretty standard stuff.
User data obtained by hostile organizations by simply executing a web script or installing hacked software might earn a high price on the black market. The collected data, which can range from contact numbers to email addresses and financial information, can be exploited for targeted ads, blackmail, and to perform a variety of other crimes.
Facebook and LinkedIn both acknowledged data breaches in 2021, hitting nearly half a billion people on both networks. Due to this the company has also been criticized for a long by both the users and rivals. Keeping this in mind Facebook offers a bounty in the hopes of permanently resolving the data scraping crisis.
Meta’s bug bounty program will include confirmed allegations of data scraping comprising at least 100,000 unique Facebook user data, according to the company. Scraped information must, indeed, comprise Individually Identifiable Information including email addresses, contact information, home addresses, religious preference, and political affiliation, etc.
Furthermore, the collected data must be visible online or on a domain that is not operated by Meta. In terms of the incentive, Facebook claims it will pay an average of $500 for each scrape vulnerability or dataset discovered.
Let me tell you that the dataset could have stemmed from a number of ways. Hence, if the stolen data is kept outside, Facebook will request the pertinent file-sharing or cloud storage provider to pull it all down.
Earlier in 2o21, unsecured S3 buckets on Amazon Web Services have led to some drastic data exposures. According to InfoSecurity, a breach in Cosmolog Kozmetik’s S3 bucket compromised the data of nearly half a million people. However, it’s worth mentioning that the data scraping reward will only apply to Facebook, not its subsidiary sites such as Instagram or WhatsApp.