Cyber Attack and Vulnerabilities: Facebook and eBay Case Study
VerifiedAdded on 2023/01/12
|10
|2816
|25
AI Summary
This report highlights the case study of ebay and Facebook in the market. It discusses the cyber attack and vulnerabilities that led to these issues, the responsible parties, and the ways to mitigate the risk. It also compares the background, similarities, and dissimilarities of the two cases. The report concludes with reflections and recommendations.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
CASE STUDY
1
1
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
INTRODUCTION...........................................................................................................................3
PART 1............................................................................................................................................3
2........................................................................................................................................................3
How did the attack occur........................................................................................................3
What were the vulnerabilities in the system (or systems) that were breached?.....................3
Who was responsible and why did they target the organization?..........................................4
Was it avoidable?...................................................................................................................4
How can Cyber Insurance mitigate the risk?..........................................................................5
3........................................................................................................................................................5
Discuss the background in the two cases you chose..............................................................5
What were the biggest similarities in the two cases?.............................................................6
What were the biggest dissimilarities in the two cases?.........................................................6
What could the companies learn from each other?................................................................7
PART 2............................................................................................................................................7
REFLECTION.................................................................................................................................7
CONCLUSION................................................................................................................................8
REFERENCES................................................................................................................................9
2
INTRODUCTION...........................................................................................................................3
PART 1............................................................................................................................................3
2........................................................................................................................................................3
How did the attack occur........................................................................................................3
What were the vulnerabilities in the system (or systems) that were breached?.....................3
Who was responsible and why did they target the organization?..........................................4
Was it avoidable?...................................................................................................................4
How can Cyber Insurance mitigate the risk?..........................................................................5
3........................................................................................................................................................5
Discuss the background in the two cases you chose..............................................................5
What were the biggest similarities in the two cases?.............................................................6
What were the biggest dissimilarities in the two cases?.........................................................6
What could the companies learn from each other?................................................................7
PART 2............................................................................................................................................7
REFLECTION.................................................................................................................................7
CONCLUSION................................................................................................................................8
REFERENCES................................................................................................................................9
2
INTRODUCTION
This report highlights the case study of ebay and Facebook in the market. This report
highlights the way cyber attack and vulnerabilities which has result in this issue. After that
report highlights the responsible party and how it can be avoid. After that the report highlights
comparison between issue of Facebook and ebay cyber security issue.
PART 1
2
How did the attack occur
In the year 2017 it was found that Facebook has been suffered with the global cyber
security issue in the organization i.e. data breaching. As it has been identified that almost 50
million user data was breached from the organization other 40 million users data were secured
by company. It was published by Facebook that the reason behind occurring of this issue in the
company was only one bug there were three bug in the operation and software of company has
led to data exposure for the company (Hortaçsu, Martínez-Jerez and Douglas, 2019). It has been
highlighted by the vice president of product management in Facebook that there were bug in the
video uploading feature of the company. Video uploading notification used to frequently occur
on the platform this is the time when different hacker used to hack the different information of
different consumer from the platform. Also using view as feauture to view your profile as
someone else. It has been also identified by the Facebook that they are not having any specific
location from the place this thing was occurring but Facebook is having some sort of evidence of
Russia’s attempt to meddle in American democracy and influence our election (Solove and
Citron, 2017).
What were the vulnerabilities in the system (or systems) that were breached?
There were three bug in the view as profile feature of the organization which has given
the token to all the hacker to look at different vulnerability that allow different user to use
different personal data of an individual. Mark Zuckerberg has highlighted that the real issue was
in the feature of video uploading feature of the company, this has eventually help the different
developer to use APIs to obtain some information of the consumer that is name, gender and
hometowns of the person which is linked to the user profile page. These vulnerabilities used to
give the token to the hacker to get different information regarding the profile of the customer in
3
This report highlights the case study of ebay and Facebook in the market. This report
highlights the way cyber attack and vulnerabilities which has result in this issue. After that
report highlights the responsible party and how it can be avoid. After that the report highlights
comparison between issue of Facebook and ebay cyber security issue.
PART 1
2
How did the attack occur
In the year 2017 it was found that Facebook has been suffered with the global cyber
security issue in the organization i.e. data breaching. As it has been identified that almost 50
million user data was breached from the organization other 40 million users data were secured
by company. It was published by Facebook that the reason behind occurring of this issue in the
company was only one bug there were three bug in the operation and software of company has
led to data exposure for the company (Hortaçsu, Martínez-Jerez and Douglas, 2019). It has been
highlighted by the vice president of product management in Facebook that there were bug in the
video uploading feature of the company. Video uploading notification used to frequently occur
on the platform this is the time when different hacker used to hack the different information of
different consumer from the platform. Also using view as feauture to view your profile as
someone else. It has been also identified by the Facebook that they are not having any specific
location from the place this thing was occurring but Facebook is having some sort of evidence of
Russia’s attempt to meddle in American democracy and influence our election (Solove and
Citron, 2017).
What were the vulnerabilities in the system (or systems) that were breached?
There were three bug in the view as profile feature of the organization which has given
the token to all the hacker to look at different vulnerability that allow different user to use
different personal data of an individual. Mark Zuckerberg has highlighted that the real issue was
in the feature of video uploading feature of the company, this has eventually help the different
developer to use APIs to obtain some information of the consumer that is name, gender and
hometowns of the person which is linked to the user profile page. These vulnerabilities used to
give the token to the hacker to get different information regarding the profile of the customer in
3
the market. It was also identified by the company that vulnerability in the software has not
helped the hacker in getting the personal message or any other information, they were generally
got the information regarding different profile of the individual in a market.
Who was responsible and why did they target the organization?
Reason behind targeting Facebook was same that Facebook is the platform which used to
large number of consumer in the platform as compare to other many different type of social
media platform which is present in front of different consumer in the market. As a result the
hacker has selected Facebook as a platform to hack the data of different consumer in the market.
There were many different party who were responsible for such a lack in an organization. Some
of the responsible parties are as follows:
Company: Facebook is one of the parties which are responsible for this type of issue in
an organization. It has been analyzed that Facebook was not having that sort of knowledge for
first 8-10 month. This has given ample time for the hacker to hack variety of different
information of consumer in the market. So companies’ irresponsibility is one of the main
reasons behind this data breaching activity.
IT software and IT department: These are the specific department of the company
which was also responsible for occurring this type of issue in an organization. As it has been
analyzed that the IT department of the company was not controlling the software and measure in
the organization this has eventually resulted in occurrence of this type of issue in an organization
(Tuttle, 2018).
Was it avoidable?
This issue was avoidable if organization is having good and secure measure in the
organization who can restrict different hacker to perform variety of unlawful activity in an
organization. This was not the case with the Facebook in real, as it was find out that organization
was that irresponsible that they were not having the idea of such type of issue taking place in the
organization in initial some months. So it was impossible for the organization like Facebook to
avoid this type of issue to be taken place in an organization (Fitzpatrick and et.al., 2018).
At the same time there were many different possibility as well in front of organization
through which this type of different issue can be avoidable in the organization. Facebook is one
4
helped the hacker in getting the personal message or any other information, they were generally
got the information regarding different profile of the individual in a market.
Who was responsible and why did they target the organization?
Reason behind targeting Facebook was same that Facebook is the platform which used to
large number of consumer in the platform as compare to other many different type of social
media platform which is present in front of different consumer in the market. As a result the
hacker has selected Facebook as a platform to hack the data of different consumer in the market.
There were many different party who were responsible for such a lack in an organization. Some
of the responsible parties are as follows:
Company: Facebook is one of the parties which are responsible for this type of issue in
an organization. It has been analyzed that Facebook was not having that sort of knowledge for
first 8-10 month. This has given ample time for the hacker to hack variety of different
information of consumer in the market. So companies’ irresponsibility is one of the main
reasons behind this data breaching activity.
IT software and IT department: These are the specific department of the company
which was also responsible for occurring this type of issue in an organization. As it has been
analyzed that the IT department of the company was not controlling the software and measure in
the organization this has eventually resulted in occurrence of this type of issue in an organization
(Tuttle, 2018).
Was it avoidable?
This issue was avoidable if organization is having good and secure measure in the
organization who can restrict different hacker to perform variety of unlawful activity in an
organization. This was not the case with the Facebook in real, as it was find out that organization
was that irresponsible that they were not having the idea of such type of issue taking place in the
organization in initial some months. So it was impossible for the organization like Facebook to
avoid this type of issue to be taken place in an organization (Fitzpatrick and et.al., 2018).
At the same time there were many different possibility as well in front of organization
through which this type of different issue can be avoidable in the organization. Facebook is one
4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
of the best company which is having good sort of infrastructure in the nation. Also software of
the company was providing the variety of different sort of signal to the company that there is
some sort of the issue in the operation of the business. Frequent pop up of different notification
by looking at this type of the signal and analyzing the same in better manner in the organization,
facebook would be able to avoid different type of issue which has played in an organization.
How can Cyber Insurance mitigate the risk?
Cyber insurance is an type of insurance product of an organization which generally used
to help the different business hedge against potentially devasting effect of cybercrime in an
organization that is malware, ransom ware, distributed denial of services attacks in an
organization. This type of the insurance in the organization used to help the company in
overcoming variety of the issue and getting remedies of the different issue which has been faced
by the company in the market.
Cyber Insurance has helped the company in understanding the different issue which may
be faced by the company at the initial stage itself. This would have definitely helped the
company in solving the different issue more easily in the market. This would have helped the
company in getting good hand of support from different consumer at this crises time as well. As
all the consumer will be sure that organization or Face book used to care about them in the
market (Waterfield and Revell, 2018).
3
Discuss the background in the two cases you chose.
Both eBay and Facebook in both the cases the nature of the breaching was the same as it
was done in the organization to steal the data of different consumer in the market and also
different information related to the credential of the customer in the market. But the background
of both the data breaching very different as in the case of the data breaching in the organization
was taken place by introducing variety of different bug in the platform of the company, this
eventually used to help the hacker in getting the information of different information regarding
the customer profile in the market. At the same time in the case of the eBay organization hackers
in the organization has stolen the different credential of the employee in the organization and on
the basis of the same hacker were able to get the information of the customer from the company.
5
the company was providing the variety of different sort of signal to the company that there is
some sort of the issue in the operation of the business. Frequent pop up of different notification
by looking at this type of the signal and analyzing the same in better manner in the organization,
facebook would be able to avoid different type of issue which has played in an organization.
How can Cyber Insurance mitigate the risk?
Cyber insurance is an type of insurance product of an organization which generally used
to help the different business hedge against potentially devasting effect of cybercrime in an
organization that is malware, ransom ware, distributed denial of services attacks in an
organization. This type of the insurance in the organization used to help the company in
overcoming variety of the issue and getting remedies of the different issue which has been faced
by the company in the market.
Cyber Insurance has helped the company in understanding the different issue which may
be faced by the company at the initial stage itself. This would have definitely helped the
company in solving the different issue more easily in the market. This would have helped the
company in getting good hand of support from different consumer at this crises time as well. As
all the consumer will be sure that organization or Face book used to care about them in the
market (Waterfield and Revell, 2018).
3
Discuss the background in the two cases you chose.
Both eBay and Facebook in both the cases the nature of the breaching was the same as it
was done in the organization to steal the data of different consumer in the market and also
different information related to the credential of the customer in the market. But the background
of both the data breaching very different as in the case of the data breaching in the organization
was taken place by introducing variety of different bug in the platform of the company, this
eventually used to help the hacker in getting the information of different information regarding
the customer profile in the market. At the same time in the case of the eBay organization hackers
in the organization has stolen the different credential of the employee in the organization and on
the basis of the same hacker were able to get the information of the customer from the company.
5
It has been identified that the impact of ebay data breaching was at a higher scale as compare to
that of a facebook in the nation. It has been identified that 145 million customer information was
stolen from the company. At the same time 50 million customer information was stolen from the
company. Also, ebay was fast enough to respond to the crisis which has taken place in their
organization as compare to the crises which has been taken place in the facebook as a result
impact of facebook crises has brought more significant impact as compare to ebay crises in an
organization (Bates and Hassan, 2019).
What were the biggest similarities in the two cases?
Looking at the cases of both the company it can be said that there are many different type
of similarity in between two cases which has been taken place in both the respective company.
Some of the similarities are as follows:
Consumer personal information: Both the cases which has been taken place in the
organization are taken place with the sole motive of getting different consumer personal
information from the market. As in both the cases the information regarding customer was stolen
by the hacker. Different information which are being stolen is the name, gender and age of
different consumer from the market (Adedeji, 2019).
Measure: Another similarity in between both the cases is that both the company has
taken the same immediate basis to over come the issue which is faced by a both the company.
As both the company has restored the account by logging out all the customer from their
accounts and asking them to login into the account once again by resting their credential in the
market. So organization has to make sure that they different accounts of customer are reset in an
organization.
What were the biggest dissimilarities in the two cases?
Occurrence of issue: Way hacker has stolen the information of the company is very
different. As it has been find out that the information from ebay is stolen with the help of
stealing the credential of different employee of the organization and hacker used to log in into
the account of different employee with the help of the same hacker has breached the different
information from the organization At the same time in Facebook case the hacker in the
organization has breached the variety of the information of the consumer by introducing variety
6
that of a facebook in the nation. It has been identified that 145 million customer information was
stolen from the company. At the same time 50 million customer information was stolen from the
company. Also, ebay was fast enough to respond to the crisis which has taken place in their
organization as compare to the crises which has been taken place in the facebook as a result
impact of facebook crises has brought more significant impact as compare to ebay crises in an
organization (Bates and Hassan, 2019).
What were the biggest similarities in the two cases?
Looking at the cases of both the company it can be said that there are many different type
of similarity in between two cases which has been taken place in both the respective company.
Some of the similarities are as follows:
Consumer personal information: Both the cases which has been taken place in the
organization are taken place with the sole motive of getting different consumer personal
information from the market. As in both the cases the information regarding customer was stolen
by the hacker. Different information which are being stolen is the name, gender and age of
different consumer from the market (Adedeji, 2019).
Measure: Another similarity in between both the cases is that both the company has
taken the same immediate basis to over come the issue which is faced by a both the company.
As both the company has restored the account by logging out all the customer from their
accounts and asking them to login into the account once again by resting their credential in the
market. So organization has to make sure that they different accounts of customer are reset in an
organization.
What were the biggest dissimilarities in the two cases?
Occurrence of issue: Way hacker has stolen the information of the company is very
different. As it has been find out that the information from ebay is stolen with the help of
stealing the credential of different employee of the organization and hacker used to log in into
the account of different employee with the help of the same hacker has breached the different
information from the organization At the same time in Facebook case the hacker in the
organization has breached the variety of the information of the consumer by introducing variety
6
of the bug on to the platform of the company. This has eventually helped the hacker in getting
the information of different employee directly with the help of view as option of an organization.
Nature of issue: In the case of the facebook the nature of the issue was technical as
organization has taken help of different technical bug to steal the different information of the
customer from the market. At the same time in the case of ebay the nature of issue of human
one. As information about the employee credential was stolen and with the help of same
different information was stolen. At the same time ebay issue was performed at wider scope as
information of 145 million consumers was stolen from the market. At the same time in the case
of face the scope of the issue was very small as compare to ebay one as it has been identified
that only 50 million customer information was stolen irrespective of number of consumer both
the platform has (Brainerd, 2019).
What could the companies learn from each other?
From these cases both the company has learned variety of the thing some of the learning
is as follows:
Maintaining different measuring tool: Both the organization after this will make sure that
they used to make different security measures in the organization ands evaluating the same on
regular basis. This will only help the company in understanding the different unlawful activity
which is there on the organization and on the basis of the same organization can take different
measure in the organization to maintain a good sort of security concern in an organization.
Importance of consumer belief: It is another important learning which will be learned by the
company in the market. As it has been identified that with the help of this cases the customer
satisfaction level of different consumer will be impact very adversely and both the organization
have to see variety of negative impact of same. So from the same organization is able to
understand the importance of customer belief in the organization (Cadwalladr and Graham-
Harrison, 2018).
PART 2
REFLECTION
As a regular consumer of facebook I was also suffered with the data breaching issue in
the organization. In the initial stage I was very unhappy with the same in the organization. As I
7
the information of different employee directly with the help of view as option of an organization.
Nature of issue: In the case of the facebook the nature of the issue was technical as
organization has taken help of different technical bug to steal the different information of the
customer from the market. At the same time in the case of ebay the nature of issue of human
one. As information about the employee credential was stolen and with the help of same
different information was stolen. At the same time ebay issue was performed at wider scope as
information of 145 million consumers was stolen from the market. At the same time in the case
of face the scope of the issue was very small as compare to ebay one as it has been identified
that only 50 million customer information was stolen irrespective of number of consumer both
the platform has (Brainerd, 2019).
What could the companies learn from each other?
From these cases both the company has learned variety of the thing some of the learning
is as follows:
Maintaining different measuring tool: Both the organization after this will make sure that
they used to make different security measures in the organization ands evaluating the same on
regular basis. This will only help the company in understanding the different unlawful activity
which is there on the organization and on the basis of the same organization can take different
measure in the organization to maintain a good sort of security concern in an organization.
Importance of consumer belief: It is another important learning which will be learned by the
company in the market. As it has been identified that with the help of this cases the customer
satisfaction level of different consumer will be impact very adversely and both the organization
have to see variety of negative impact of same. So from the same organization is able to
understand the importance of customer belief in the organization (Cadwalladr and Graham-
Harrison, 2018).
PART 2
REFLECTION
As a regular consumer of facebook I was also suffered with the data breaching issue in
the organization. In the initial stage I was very unhappy with the same in the organization. As I
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
was thinking that my information can be used by any company in the market, this eventually
will create the situation that I may have to also face variety of the legal compliance in the nation
as well. So, I decided to file a case against the company and ask for the best remedies from the
company. This was the reaction which was of thousand of the customer in the market but after
time I was understand that customer is doing well in the organization to reduce the impact as
Facebook has make sure that the information which was stolen by different hacker was the
personal detail of the consumer of the individual only. Also, facebook is taking variety of
different step to catch different hacker of the information from the market. This has also helped
me in understanding that Facebook is taking very corrective action and also they have taken the
responsibility and apologies all the customer. This is very big and good initiative which has been
taken by the company as there are many less company who used to understand and take
responsibility.
So after some time I was clear that Facebook will provide the best remedies and also
organization is looking to improve the different security measure of the company in the market.
This has given me the assurance that these type of activity will not take place again in the
organization I can carry on with the usage of facebook. It is secure to use same in current
scenario.
CONCLUSION
This report concludes the way cyber attack and vulnerabilities which has resulted in brining
variety of the issue in the market. Than report concludes the responsible party and how it can be
avoided by different company in the company. Then report concludes comparison between issue
of Facebook and ebay cyber security issue.
8
will create the situation that I may have to also face variety of the legal compliance in the nation
as well. So, I decided to file a case against the company and ask for the best remedies from the
company. This was the reaction which was of thousand of the customer in the market but after
time I was understand that customer is doing well in the organization to reduce the impact as
Facebook has make sure that the information which was stolen by different hacker was the
personal detail of the consumer of the individual only. Also, facebook is taking variety of
different step to catch different hacker of the information from the market. This has also helped
me in understanding that Facebook is taking very corrective action and also they have taken the
responsibility and apologies all the customer. This is very big and good initiative which has been
taken by the company as there are many less company who used to understand and take
responsibility.
So after some time I was clear that Facebook will provide the best remedies and also
organization is looking to improve the different security measure of the company in the market.
This has given me the assurance that these type of activity will not take place again in the
organization I can carry on with the usage of facebook. It is secure to use same in current
scenario.
CONCLUSION
This report concludes the way cyber attack and vulnerabilities which has resulted in brining
variety of the issue in the market. Than report concludes the responsible party and how it can be
avoided by different company in the company. Then report concludes comparison between issue
of Facebook and ebay cyber security issue.
8
REFERENCES
Books and Journals
Cadwalladr, C. and Graham-Harrison, E., 2018. Revealed: 50 million Facebook profiles
harvested for Cambridge Analytica in major data breach. The guardian. 17. p.22.
Fitzpatrick, A and et.al., 2018. Generating Text Summaries for the Facebook Data Breach with
Prototyping on the 2017 Solar Eclipse.
Adedeji, A. T., 2019. Facebook Privacy Crisis and its Impact on Organizational Trust (Doctoral
dissertation, Mount Saint Vincent University).
Waterfield, P. and Revell, T., 2018. Data breach exposed.
Tuttle, H., 2018. Facebook scandal raises data privacy concerns. Risk Management. 65(5). pp.6-
9.
Hortaçsu, A., Martínez-Jerez, F. A. and Douglas, J., 2019. Replication data for: The Geography
of Trade in Online Transactions: Evidence from eBay and MercadoLibre.
Bates, A. and Hassan, W. U., 2019. Can Data Provenance Put an End to the Data Breach?. IEEE
Security & Privacy. 17(4). pp.88-93.
Solove, D. J. and Citron, D. K., 2017. Risk and anxiety: A theory of data-breach harms. Tex. L.
Rev.. 96. p.737.
(
9
Books and Journals
Cadwalladr, C. and Graham-Harrison, E., 2018. Revealed: 50 million Facebook profiles
harvested for Cambridge Analytica in major data breach. The guardian. 17. p.22.
Fitzpatrick, A and et.al., 2018. Generating Text Summaries for the Facebook Data Breach with
Prototyping on the 2017 Solar Eclipse.
Adedeji, A. T., 2019. Facebook Privacy Crisis and its Impact on Organizational Trust (Doctoral
dissertation, Mount Saint Vincent University).
Waterfield, P. and Revell, T., 2018. Data breach exposed.
Tuttle, H., 2018. Facebook scandal raises data privacy concerns. Risk Management. 65(5). pp.6-
9.
Hortaçsu, A., Martínez-Jerez, F. A. and Douglas, J., 2019. Replication data for: The Geography
of Trade in Online Transactions: Evidence from eBay and MercadoLibre.
Bates, A. and Hassan, W. U., 2019. Can Data Provenance Put an End to the Data Breach?. IEEE
Security & Privacy. 17(4). pp.88-93.
Solove, D. J. and Citron, D. K., 2017. Risk and anxiety: A theory of data-breach harms. Tex. L.
Rev.. 96. p.737.
(
9
10
1 out of 10
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.