Facebook (Data Breach)

No longer taking clients for this case


Facebook, Inc. (“Facebook”) operates a social networking website that allows people to communicate with their family, friends, coworkers, and acquaintances. Facebook also develops technologies that facilitate the sharing of information, photographs, website links, and videos. Facebook purports to allow its users (“Facebook Users” or “Users”) the ability to share and restrict information based on their own specific criteria. By the end of 2017, Facebook had more than 2.2 billion active Users.

As part of the sign-up process and as a consequence of interacting with their social network, Facebook Users create, maintain, and update profiles containing significant amounts of personal information, including their names, birthdates, hometowns, addresses, locations, interests, relationships, email addresses, photos, and videos, amongst others (“Personal Information”).

Facebook recently revealed that its Users’ Personal Information was subject to a massive data security breach in September 2018, affecting approximately 50 million Users (“September 2018 Data Breach”). Facebook publicly disclosed details of the September 2018 Data Breach for the first time in a statement on September 28, 2018. According to the statement and subsequent press call, Facebook learned of the breach as early as September 16, 2018, but has not yet directly informed or notified Facebook Users that their Personality Identifiable Information (PII) may be compromised as a result of the breach. Rather, Facebook stated that it began “logging users out” on the evening of September 27, 2018, but did not provide Users with any reason for being logged out. The statement further admitted that “attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook, so they don’t need to re-enter their password every time they use the app.” The vulnerability in Facebook’s code was introduced in July 2017, and Facebook is currently unaware of how long hackers have had access since that time.

On October 11, 2018, Franklin D. Azar & Associates filed a nationwide class action lawsuit, King et al. v. Facebook, Inc., Case No. 3:18-cv-06246 (N.D. Cal 2018), which also included California, Colorado, and New Jersey Sub-Classes, alleging that as a result of Facebook’s failure to maintain adequate security measures and timely security breach notifications, Facebook Users’ personal and private information has been compromised and remains vulnerable.

Further, Facebook Users have suffered an ascertainable loss in that they must undertake additional security measures, some at their own expense, to minimize the risk of future data breaches including, without limitation, canceling credit cards associated with their Facebook accounts and changing their passwords to Facebook, Instagram, and other linked accounts. But due to Facebook’s ongoing and incomplete investigation, Facebook Users have no guarantee that the above security measures will in fact adequately protect their personal information. As such, Plaintiffs and other Class Members have an ongoing interest in ensuring that their Personal Information is protected from past and future cybersecurity threats.

Claim Against Facebook

You may have a claim against Facebook if you have a Facebook account and receive a notification at the top of your Newsfeed explaining a potential data breach. Contact FDAzar Immediately. We will fight to get you the recovery you deserve.

How to Protect Yourself from Data Breaches

One thing a hacker can do is use your e-mail address and/or phone number to change your passwords for any accounts you have tied to that e-mail address or phone number, thus locking you out.

It is important that you change your password for your Facebook account if you suspect your account has been hacked. Please make sure the new password is something entirely different than the one exposed in Facebook’s September 2018 Data Breach. If you use that same, affected password for any other accounts, change those passwords also. It is good to use a unique, strong password for each account you have rather than the same password for all of your accounts.

What Should I Do if the Hack Affected Me? – How to Join the Facebook Class Action Lawsuit?

If you have a Facebook account and received a notification at the top of your Newsfeed explaining a potential data breach, our attorneys would like to hear from you.

Fill out our free, no-risk case evaluation to learn if you are eligible to participate in a class action lawsuit today. You could be eligible for compensation for losses suffered from Facebook’s September 2018 Data Breach.

Related Media

Colorado Law Firm Files Class Action Lawsuit Against Facebook

Colorado’s “Strong Arm” law firm sues Facebook, seeks compensation in latest hack attack

Colorado’s ‘Strong Arm’ Frank Azar takes on Facebook, files federal lawsuit

Class action lawsuit filed against Facebook for security breach

Colorado Law Firm Files Class Action Lawsuit Against Facebook

Facebook Security Breach Lawsuit’s Colorado Connections

  • Payment of Medical Bills
  • Payment for Wage Loss Due to Injury
  • Compensation for Permanent Impairment
  • Scarring and Disfigurement from the Injury
  • Free telephone, home or hospital consultation
  • Offices Throughout Colorado
  • No Recovery, No Fee
  • Extremely High Success Rate