Facebook has vowed to improve account security on its platform as part of a lawsuit over a 2018 hack that compromised the data of 29 million of its users.
However, Facebook is only proposing to do this as part of a settlement of the lawsuit. Specifically, Facebook says it would check more frequently for suspicious patterns of activity with access tokens, which allow people to actually log into and use their accounts.
Facebook has been accused of being negligent in 2018 with respect to software bugs, which allowed the hackers to exploit them. At the time, the hack was described as Facebook’s worst security breach.
Facebook, naturally, has denied any wrongdoing, arguing that there were “unknown and unforeseeable vulnerabilities” that resulted in the exploitation.
Ultimately, the results of the lawsuit are dependent on U.S. District Judge William Alsup. He has previously said that “Facebook’s repetitive losses of users’ privacy supplies a long-term need for supervision,” but beyond that, it remains to be seen what his ruling in this lawsuit be.
Meanwhile, the social network has been accused by the Privacy Commissioner of violating private sector policy law in Canada, which it denies. These legal proceedings will likely be lengthy, as the Privacy Commissioner has to compile evidence to present to the court.