Facebook waited two weeks to tell employees payroll data was stolen

Read the Story

Show Top Comments

>Specifically, Bloomberg reports that unencrypted hard drives containing 2018 payroll data were stolen from a car belonging to a member of Facebook’s payroll department on Nov. 17 of this year. It took until Nov. 29 for someone to realize that employee payroll data was on the drives and then another two weeks for the company to start notifying those affected. Why would payroll data need to be transported on a HDD in a car? WTF FB?


As someone who’s been at the centre of a big data breach and had to disclose it, there’s nothing wrong here. You actually have to figure out what went missing, confirm and verify it, and figure out if there’s anything you should or can do to mitigate loss to people affected, loop in relevant people in the organisation, have a plan in place for people expecting immediate answers and remedial action, get geared up to deal with the influx of angry people who won’t forgive any delay, explain to shareholders what happened and why, explain to a board, explain to management, it’s a huge undertaking and people don’t realise how hard it actually is and how many people it takes. 2 weeks seems like they did a good job. Edit: by nothing wrong I mean the 2 week part


Could also be titled “Before telling employees their payroll data was stolen, FB made a plan.”


Two weeks? That’s crazy fast. With some other seemingly more critical organizations, 2 weeks would have been a dream. Like the Equifax data breach. Yesterday, Canadians found out the biggest private medical testing lab services provider in Canada had a major data leak that affected up to half of the nation. It happened well over a month ago. Two weeks isn’t bad considering what the company has to do before they can make a formal announcement. Of course the processes that lead to this data breach leaves much to be desired.


2 weeks seems reasonable. It’s not like companies have some comically large red button on the CEO’s desk that emails potentially affected employees the moment they suspect a breach happens.