SOMI Newsletter - September 1st, 2021

Find out how much of your personal data has been exposed in the Facebook leak

As of today, SOMI makes it possible for all European consumers to check via the SOMI app whether they have become a victim of the Facebook data breach from April 2021 and just how much of their personal data has been circulating on the Dark Web. This particular leak contains data from 533 million Facebook accounts worldwide, including 96.7 million from Europe and 5.4 million from The Netherlands.

Almost all leaked accounts contain a telephone number, but in some cases the email address was also leaked. The data found on the Dark Web also includes full name, Facebook ID, birthday, phone number, locations, relationship status, account creation date, and other biographical information.

Facebook acknowledged the leak on a blog post saying that this data was obtained not through hacking but by scraping from the platform prior to September 2019 and that the vulnerabilities that allowed malicious actors to scrape this data no longer exist. ‘Scraping’ is a common tactic that often relies on automated software to extract public information from the internet that can then end up being distributed on the Dark Web.

The question is whether the data that has been leaked at this time contains information dating from post May 2018, which is after the GDPR has been put into effect. In this case, if Facebook has not disclosed the data breach to relevant authorities and/or to the data subjects, the failure to notify constitutes a violation of the GDPR in itself.

SOMI is determined to find out whether Facebook is committed to their transparency obligations, whether there is any information regarding the leak that Facebook failed to reveal, and the possible negative impact it has on the consumer.

Important: SOMI is offering a total of €10,000 to anyone who can prove with their data that Facebook has violated the GDPR by not properly reporting this leak to the people involved and the supervisory authorities. 

The victims of the leak are invited to submit the evidence that can verify whether the stolen data have been scraped from the platform after May 25th, 2018, the date on which the GDPR came into effect. We will select ten participants who will receive €1,000 each once their information is proven to be useful to our investigation and legal claims.

*Our General Terms & Conditions apply.

Register now

How does it work?

1. Create an account 

2. Download the SOMI app – Available for iOS and Android 

3. Check if your data was leaked – use your phone number to check on SOMI app if your personal data may indeed have been compromised. In some cases, you may need to verify your phone number. 

4. Take further actions – You can also take further actions against Facebook via the SOMI app, such as requesting all of your data from Facebook or investigating what happened to your data.

About SOMI

The Foundation for Market Information Research (SOMI) is a non-profit organization set up to identify and influence issues of social importance. 

SOMI is a recognized claims foundation in the field of privacy and data autonomy and is committed, among other things, to the protection of the fundamental rights of consumers and minors who use various online services. With the app that SOMI has developed, we want to restore ownership and control over personal data to all the people: All your data. all yours. 

SOMI investigates abuses, informs the public and helps injured parties. SOMI does this by conducting collective proceedings and claiming compensation. 

SOMI is currently investigating alleged GDPR violations by Facebook and TikTok.