US – Facebook is buying stolen passwords from the dark web to ensure the security of its users.
The social media giant is buying stolen passwords on the dark web, cross-referencing them with its users’ passwords and providing those whose security has been compromised with information on how to update and strengthen them.
Security is a key concern for consumers and brands. According to Panda Labs, some 230,000 new malware samples were produced daily in 2015. But following the announcement Facebook has been accused of subsidising criminal activity, and the legality of the initiative has been questioned.
Facebook offers a variety of security options, including a two-factor authentication system that users must pass when trying to access their account from a different computer, and is using machine learning to identify criminal activity on the platform.
‘Even though we provide these options, it is our responsibility to think about those people that choose not to use them,’ explained Stamos. ‘Usernames and passwords are an idea that came out of 1970s mainframe architectures – they were not built for 2016.’
To date, Facebook is the only company to have publicly admitted to purchasing consumers’ security data, but the announcement will undoubtedly open up future discussion about the practice.
Brands such as Black Cooperative are using the dark web to market their products, but the revelation by Facebook shows how companies are beginning to interact with rather than avoid this relatively untapped online domain.