Facebook, LinkedIn, or even Clubhouse are no different: they collect a lot of user data, but they do not protect it effectively.
News stories of data theft from social networking services are coming out all the time: 533 million user accounts from Facebook (covering 100 countries), 500 million records from LinkedIn, and most recently 1.3 million records from Clubhouse. Even if the majority of the information stolen is not necessarily personal (i.e. most of the data is not a card number or a password, for example), it makes you wonder how it is possible that such a huge amount of data can be leaked from one company to another.
Especially as names, addresses, and telephone numbers are sensitive data, and information that rarely changes. Moreover, this is data that is well suited to a phishing attack: if several personal details are included in one letter, users are more easily trapped. In addition, fraudsters may – with a bit of luck – be able to use personal data to impersonate someone else and thus obtain services without authorization. To give just one example, the password reset function often includes a check for the date of birth…
Data protectionists say one of the reasons for the problem is that social networking services do not protect information enough: robots, for example, can easily collect information. They also do not make it easy to control the collection or sharing of data.