Posts

Of all the user-centric, social media websites on the internet, it is possible that none has faced as much intense public and government scrutiny as Facebook. Apart from various bugs, glitches, and possible hacking attempts the company has endured since its launch, governments around the world have taken the website and its founder to task for nearly abusing its users’ privacy.

The site has a long history of gathering, storing, and selling users’ information and internet habits to third-parties, some of whom users do not want to be associated with. There have even been allegations that one specific third-party, Cambridge Analytica, was using information to influence political action.

Now, after a lot of public and legislative demand, Facebook will launch a new feature this year that lets its users clear their Facebook “connection” history. No, this will not delete your posts or photographs instead, Facebook clear history will show users what apps and websites they have visited that maintained a connection to their Facebook accounts, and give users the ability to break that connection by deleting their history.

Why should you do this? First, it puts a dent in the number of websites that can see your posts or content and gather information about where you go, who you visit, what you like, and more. From there, it can stop that information from being sold to advertisers.

The purpose of Facebook clear history really comes down to removing any trace of a connection rather than just blocking a website from accessing your data. Think of this example: if you were simply to remove a baby product website from your Facebook access, that one website could no longer target you with ads. However, any other website that sells similar products may still be able to see that you were once connected and that you interacted with those ads.

Until this new feature launches, there are some things consumers can do if they want to help safeguard some of their privacy on social media. Remember, though, the entire reason you can use these platforms for free is because they are benefitting financially from third parties who pay for access to your account activity.

First, stop logging in with Facebook. It’s very convenient to simply tap “log in with Facebook” on an app or other websites, but it connects that app or website to your Facebook account. Next, stop sharing the news of your latest high score in a game; no one actually cares how well you are playing, but more importantly that game is connected to your profile information. The entire reason that game lets you play for free is because they want that access.

Finally, do your own privacy checkups from time to time, not just on social media but on all of your online accounts. Delete cookies and your browser history if you do not want that information stored, and make sure your passwords are strong and up-to-date in order to keep hackers at bay.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The How and Why of Tax Identity Theft

Today, Facebook announced a recently discovered security breach that relied on an open vulnerability in the platform’s coding. The “View As” feature, which lets users see their own profiles in the way that others see them—without all of the extra admin sidebar content that lets you control your wall—contained script that allowed hackers to use around 50 million accounts.

Facebook first closed the vulnerability and forced a re-login for the 50 million affected accounts. Then, they repeated the forced login for an additional 40 million accounts that didn’t seem to have been affected but that had used the View As feature.

From there, Facebook shut down the View As feature until they can secure it from further fraudulent use.

According to a report about the incident from Facebook, “Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’ a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”

Whether you hear anything official from the company or not, there are some actionable steps you should take. First, change your password—which you really should be doing routinely in order to maintain your privacy and security. Any apps that you’ve connected to Facebook (you’ll know you’ve done this if you are able to log into it with your Facebook account) need to be force closed and logged out; it’s a good idea to a) change your password on those if you have one, and b) revoke the permission for Facebook to connect with it by going into your Facebook settings and removing it. Go into your settings and find all of the current devices you are logged into ( see screenshot above) and click “Log out of all devices” to ensure that no one with bad intentions may still be logged in to your account.

Finally in this case, changing your password means that you are changing the tokens on your devices that allow you to stay logged in. By doing this, it should update the tokens that might have fallen into the hands of bad-actors that might want the valuable personal information that would be in your Facebook profile. Remember, periodic proactive checks to your privacy and security settings will help you stay one step ahead of the identity thieves.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: The Harm in Hoaxes on Social Media