Cybersecurity has popped up in the news cycle again, and this week, it's a mean turn against Facebook. The big blue social network is absorbing body blows from the FTC, the British House of Commons, and the online world at large. And ironically, many of the attacks are coming from competing social media platforms that also collect personal information, including Twitter.
The data breach this time wasn't a simple grab-and-run hack for credit cards or social security numbers, like previous large-scale attacks such as those leveraged against Equifax or the actual SEC. The motive in the latest Facebook scandal involves possible election fraud by the Trump campaign via the firm Cambridge Analytica, and has been summed up all over the news.
I'm not here to talk politics or take a side, though. I'm here to tell you the truth about your data. And sadly, it's this: Nothing you've already put online will ever truly go away. And as long as an entity other than you holds your personal information--be it bank account data, the credit card you use to buy stuff online, or your child's birth record, there's nothing much you can rely on--except the security prowess of your account keepers.
That's Supposed to Reassure Me?
Many of those sensitive data keepers aren't doing such a great job. eBay, Yahoo, Sony's PlayStation Network, and many other big firms have fallen to data breaches that have nothing to do with how cunningly you set the security features of your accounts. In some cases, huge blocks of encrypted data have been stolen, and the task for the thieves then becomes to decrypt it, revealing the victims' personal information. Other times, the data kept by a compromised website isn't even encrypted at all. The hackers then sell the data or make it freely available to anyone who can find it.
It's easy, right now, to fall into the #boycottFacebook hype and blame Mark Zuckerberg for our woes, but that's just the outrage flavor of the day; the concerns have been serious for ages. In many cases, data breaches are known about for months or years before they're even announced to the public. That means it's very likely your personal information has been floating around somewhere it shouldn't be for longer than you've been aware of it.
But Facebook isn't the only one at fault, and quitting Facebook or severing ties between it and all your favorite apps won't stop the information gathering. You'd have to quit Twitter, Snapchat, Reddit, Amazon, Google, Microsoft, any accounts you've got with the government (SSA.gov? FAFSA and other student aid?), and so on. Forget it--the Web would become a lonely place. And once you do quit all those sites you do business with, remember this: They're required to keep financial transaction data for years afterward. You'll never truly escape. And the larger your online footprint becomes, the more at-risk your data remains.
Probably Your Best Bet? Probability
So, what's the answer? You've seen the hints--you can employ strong, random passwords, use two-factor authentication wherever it's offered, never share anything you're told not to share, and abide by more hints you can find in Tom's Guide's Security section...and those are great. They'll likely hinder anyone whose sights are set personally on you and your data specifically.
But when your personal identifying information gets scooped up from the back end of a database, there's not much you can rely on, except obscurity and the sheer force of odds and numbers. When, say, 20 million accounts are breached, and the entire set of data is tossed in an endless set of lists on some server somewhere, the odds of some thief swiping your credit card versus any other to buy that new catamaran they've been eyeing, or grabbing your social security number to establish a new identity, are extremely unlikely.
Not exactly reassuring, is it? Think of it this way, though: If you were in a crowd of millions, and someone fired a few dozen tee-shirts from a cannon at the crowd, do you really think you'd get one? If you do, buy me a lottery ticket. I need some of your luck.
Bio: Joel Durham, Jr., has been a gadget geek since birth, and went pro engineering networks in 1995. In 1997, he began a tech-focused writing career, penning stories and columns for the likes of PC Gamer, CNET, ExtremeTech and Maximum PC. Now, after a hiatus for health reasons, he’s back and ready to overclock everything within reach once more.