Facebook’s claim to dismiss a lawsuit against it over the data breach that exposed information of nearly 30 million people in September last year has been rejected by a US court. A US district judge William Alsup has dismissed Facebook's request, saying that the claims filed by the social media giant are negligent and the company failed to secure users' data as promised. Alsup further added that the case will go forward and that the discovery should move ‘with alacrity’ towards trial, Alsup added.
Last year, Facebook confirmed that unknown hackers exploited a vulnerability to access details of over 50 million users, which was later adjusted to 30 million. According to Facebook, attackers exploited a bug found in Facebook’s code that impacted ‘View As’ – a feature that lets people view how their own profile looks like to someone else. The bug let hackers steal Facebook’s access tokens, which they used to take over peoples’ accounts.
Earlier, Turkey's watchdog ‘Personal Data Protection Authority’ has fined Facebook 1.65 million Turkish liras ($280,000) over the data breach.
In March, Facebook admitted storing millions of user’s passwords in plain readable text for years, making them vulnerable to hackers or anyone for who would have internal access to the files.
While Facebook uses hashing technique to protect the passwords, but according to Krebs on Security, a vulnerability in a few of the Facebook-branded apps left passwords accessible to over 20,000 company employees.
Somewhere between 200 million and 600 million Facebook users are said to be affected, the security firm said earlier. Later, Facebook confirmed the issue saying that the bug was identified in January as part of a security review.