(WJBK) - Facebook CEO Mark Zuckerberg is admitting that the social media giant failed to protect your data.
The social media mogul took the hot seat in front of a Senate committee investigating the Cambridge Analytica data scandal. Simultaneously, Facebook started notifying the 87 million people whose profiles were compromised, including many in Metro Detroit.
The tech giant sent out the message that explains how Cambridge Analytica may have taken their information. The note ends with not an apology but a promise to stay committed to fighting abuse.
Ann Podina got the message today and it came with explicit instructions.
"So I deleted them as requested, restarted my Facebook, changed my password. Hopefully all is good. But it was kind of nerve-wrecking to think people have my information," Podina said.
You may be asking, outside of the blatant violation of privacy, -- what harm can be done because your data was improperly shared? After all it's only your name, birthday, and hometown; seemingly innocuous profile info.
"We have information with regards to email, phone numbers. Things that you like, things that you’re interested in. This is what leads to a data breach. This information can be used to do what's known as social engineering, low tech tricking someone," Cyber risk expert David Derigiotis said. He says it's what they do with the info.
You've heard of phishing emails? Basically, discovering your details allows hackers to email you what looks like legitimate emails that include that information, tricking you into giving up more.
"It's very confidential information. Information in regards to people's likes, people's interest, people's affiliations. We're not just talking about average bits of information such as email or phone number, which is sensitive information; it's much more than that," he said.
Three things Zuckerberg promised: They're going to make sure they get to the bottom of what Cambridge Analytica did, look at every app that accesses data, and ban those apps. He also wants to make sure future developers can't access that much personal information.