More than 1.3 million Kentuckians have been impacted by an alleged privacy breach by social media network Facebook, Attorney General Andy Beshear said. Beshear and a group of AGs sent a letter to Facebook CEO Mark Zuckerberg on March 26 asking for the number of users impacted by the breach. According to the information provided to Beshear by Facebook, the approximate number of Kentuckians affected by this breach is 1,310,682.
Facebook this week provided state-by-state numbers to the group of AGs because of their “profound concerns” over recent reports that Facebook users’ personal information was provided without permission to a third party.
“It’s alarming to now know that over a quarter of Kentucky’s population had their Facebook information shared with Cambridge Analytica and other third parties,” Beshear said. “My office will continue to push until we have full and total information on this breach. We expect full cooperation from Facebook on the many questions we have asked.” Beshear said he will continue to update the public.
On Beshear’s website, Kentuckians may review consumer protection tips including what to do if their personal information has been compromised. According to Facebook, the total number of impacted users nationwide is more than 70.4 million. Bordering state attorneys general participating in the March 26 letter to Facebook were Illinois, Missouri, Ohio, Tennessee and Virginia.
According to data by Facebook, the number of citizens in those states affected by the breach is:
• Illinois – 2.9 million
• Missouri – 1.5 million
• Ohio – 2.9 million
• Tennessee – 1.7 million
• Virginia – 1.7 million
Facebook’s information to Beshear’s office also included data on the number of citizens affected in Indiana – 1.6 million – and West Virginia – 557,000.
Other Privacy Measure
In September, Beshear joined with other attorneys general to send a letter demanding that Equifax take immediate steps to strengthen customer protections and improve services to the nearly 143 million people impacted by its massive data breach.
In March, Beshear called on Congress to stop federal legislation that would do away with state laws providing safeguards for Kentuckians during many data breaches. The Data Acquisition and Technology Accountability and Security Act aims to chip away at Kentucky’s consumer protection laws that provide Kentuckians data security protections, Beshear said.
Beshear said the proposed federal legislation would severely affect the ability of states to obtain consumer data security protections in settlements with companies. For instance, Beshear’s office joined multistate settlements in 2016 and 2017 against Target, Adobe and Nationwide Mutual Insurance Company, requiring those companies to maintain data security protections affecting thousands of Kentuckians.