Who knew that IBM's sales team was so bad? Or Oracle's? Or Tibco's? In a string of earnings calls, each of these titans of enterprise software put their respective sales teams to the sword, blaming them for the companies' poor earnings reports. 

If only it were that easy.

Shooting The Sales Messenger

While we've talked about the decline of legacy software vendors for years, it's only now that the rise of cloud and open source are showing up in the earnings reports of legacy IT vendors. First it was Oracle, signaling an end to the traditional enterprise software licensing model. Then Tibco. Now IBM.

As IBM chief financial officer Mark Loughridge argued,

We had solid profit performance in January, but as the quarter ended hundreds of millions of dollars of very profitable software and System z mainframe deals fell short of the goal line. On the software side of the house they had a very good listed deals and I think this was just pure execution. We should have closed those on a sales side.

It would be easier to believe this if similar results (and excuses) weren't popping up across the legacy IT vendor landscape, and this despite a flat to improving spending outlook by CIOs, according to recent Barclays survey data:

Perhaps the problem isn't the sales teams' execution - a "lack of urgency we sometimes see in the sales force" as Oracle president Safra Catz opined - but rather the very foundation for legacy enterprise software sales: the software license.

It's The Data, Stupid

As Redmonk analyst Stephen O'Grady persuasively argues, the value of software as software has been declining for years. Value has been shifting to data, and software has either become free (open source) or distributed services made available over the web (cloud). Software revenue growth for the big vendors, not surprisingly, has slowed to a trickle, according to IDC data.

This shifting emphasis away from software sales, toward data-based services, has crowned Google as the market capitalization leader among its "peers," a trend that will likely continue for many years:

In fact, as O'Grady highlights, among the PWC global top-100 software vendors, none of the top-20 was founded after 1989. He concludes: "The data is clear: while there is substantial money in software, the difficulty of employing it as a primary revenue mechanism is increasing."

A Flight From Software To Cloud

For this reason, we've seen IBM and others diversifying out of software, bulking up in services, differentiated hardware, and more, as PWC's segmentation of software revenue among the world's top-20 software vendors indicates:

Source: PWC, 2013.

Such a shift won't happen overnight, and will be painful along the way. Very painful.

For example, SAP has been struggling to become a cloud-friendly company, and it's having deleterious effects on its earnings. As Wells Fargo analyst Jason Maynard spotlighted in a recent SAP research note, "increasing demand for cloud solutions is creating a negative drag on software license revenue growth."

Having lived through this at Novell, when we had to replace super high-margin NetWare revenue with lower-margin, lower-priced SUSE Linux revenue, I can state with some certainty that it's a long, tough road (fortunately, one that SUSE seems finally to have completed). Still, some companies, IBM in particular, have managed to make the transition, though no legacy IT vendor has gone to the lengths that Google, Facebook, Salesforce and other new-breed "tech" companies have, essentially making the sales function an automated credit card transaction over the web.

This friction-free, license-free model is the future. 

In this new world, purchasing power moves away from CIOs to developers, in the case of open source, and to line of business executives, in the case of cloud. Where it's not moving, and likely never will again, is to the top lines of the legacy IT vendors. Software has become a service, not a big revenue driver. That fact won't change, and shooting the sales messenger won't help.

Image courtesy of Shutterstock.

Three years after WikiLeaks shook up the international community by leaking more than 250,000 diplomatic cables, the organization is at it again. Yesterday, it unveiled 1.7 million documents from the era of Henry Kissinger in the form of a searchable database called PlusD. It's the biggest leak of previously classified information in human history.

The leak will undoubtedly make for some intriguing historical analyses and anecdotes, some of which pertain to people and organizations that still wield power. But it doesn't say much for the continued relevance of WikiLeaks.

With its leader under house arrest, its biggest source about to stand trial on capital charges and a financial blockade hamstringing its ability to raise money, it's a wonder WikiLeaks can manage to get anything accomplished. With that in mind, the Kissinger cable leak is an impressive feat.

How Far WikiLeaks Hath Fallen

Yet for the most part, the things we'll learn from this new trove of documents are based in the past. Three years ago, WikiLeaks was releasing data that had an immediate impact on things going on around the world. Prior to that, it made headlines by releasing the now-infamous video of a U.S. helicopter killing civilians in Iraq.

Today, they're putting out might be a gold mine for historians and academics, but it probably won't impact the future as much as past data dumps have.

It's a radical departure from the rhetoric and expectations of late 2010. It was then that, emboldened by the impact of Cablegate and the Iraq War Logs, WikiLeaks proudly announced that it was in possession of a Bank of America executive's hard drive, the contents of which would be released to the public. The leak, Assange assured the world, had the potential to "take down a bank or two."

Whatever Happened To That Hard Drive?

And yet it never materialized. At least a portion of that data was allegedly destroyed by a former WikiLeaks collaborator with whom Assange had a falling out.  It's not clear what, if any, data remains. The data, the seizure of which caused Bank of America to launch an internal, preemptive investigation, has yet to see the light of day.

Since those triumphant, headline-grabbing days, WikiLeaks has been considerably quieter, periodically releasing data that might be interesting, but which lacks the impact of earlier dumps. Last year, the organization leaked millions of internal emails from private intelligence firm Statfor. It revealed a few intriguing details, but the emails were mostly, as GigaOm's Matthew Ingram put it, "underwhelming." 

As Ingram pointed out, WikiLeaks was no longer working with the influential media partners it boasted in 2010. Instead of teaming up with journalists from the New York Times, Guardian and Der Spiegel, Assange was relying on the likes of Anonymous, a shadowy collective with an altogether different type of reach than the Grey Lady. 

Losing Partners and Data Sources

Even more so than it needs powerful media partners, an organization like WikiLeaks needs reliable, well-placed sources.  It's worth recalling that Bradley Manning, the Army private accused of handing WikiLeaks the Collateral Murder video and diplomatic cables, is about to stand trial on charges that could result in his execution.

There's a certain deterrent factor at play there. And on a more practical level, WikiLeaks no longer has a source quite as well placed as Manning now that he's in jail. Meanwhile, the hacker who leaked the StratFor emails could face life in prison. Governments have little tolerance for the type of ruckus WikiLeaks has caused, and they're making that clear to would-be collaborators by aggressively prosecuting the sources of past leaks. 

Combine these factors with the financial blockade, Assange's legal woes and infighting within the organization and it's easy to conclude that WikiLeaks has been rather handily marginalized.

Sure, there's still global fallout from past leaks, and the Manning trial, a historical event with huge implications, hasn't even started. But WikiLeaks is clearly less nimble and impactful than it was three years ago. And short of a bombshell such as a Manning acquittal or another explosive leak on the order of the promised BofA disclosure, there's little reason to think things are going to turn around any time soon. 

Lead photo courtesy of Wikipedia

Another hacker bites the dust. This morning, Andrew Auernheimer — aka "Weev" — got handed a sentence of 41 months in prison, 3 years of supervised release and a $36,500 fine. All for basically exposing a major security hole at AT&T and publicly shaming the company that hadn't ever bothered to fix it.

Back in 2010, Auernheimer and his partner Daniel Spitler, part of a team calling itself Goatse Security, hacked into a public server owned by AT&T. That server housed hundreds of thousands of email addresses of customers who owned 3G iPads. Through trial and error and some ingenuity, group members discovered they could randomly guess iPad identification numbers and then use them to extract matching email addresses from that server.

AT&T's Security Loophole, Exposed

This security loophole on AT&T's site returned email addresses associated with ICC IDs, the unique serial numbers used to track and link SIM cards on mobile devices with specific subscribers. A PHP script that automated the process ended up harvesting a whopping 114,000 email addresses. Auernheimer then sent news of the group's work as an exclusive to Gawker.

(See also: U.S. Announces 120,000 iPad Users Had Their Data Stolen)

A day later in a blog post on the Goatse Security site, Auernheimer and company wrote:

I want to summarize this explicitly:

• All data was gathered from a public webserver with no password, accessible by anyone on the Internet. There was no breach, intrusion, or penetration.
• The dataset was not disclosed until we verified the problem was fixed by the vendor.
• The only person to receive the dataset was Gawker journalist Ryan Tate who responsibly redacted it.

[...]

We did this to help you.

By its own account, AT&T responded with "swift action" to prevent additional intrusions: 

Within hours, AT&T disabled the mechanism that automatically populated the email address. Now, the authentication page log-in screen requires the user to enter both their email address and their password.

Problem solved, right? Wrong. A week later Auernheimer was arrested after the FBI raided his house. He was then charged with major computer crimes under the Computer Fraud and Abuse Act (CFAA), the same legal club prosecutors have used to go after Aaron Swartz and, last week, Reuters social editor Matthew Keys.

(See also: Reuters Social Editor Indicted Over Anonymous Hack; Internet's Jaw Drops)

During the trial, AT&T admitted the server was publicly accessible, yet claimed Auernheimer's access was unauthorized. Under the CFAA, unauthorized access is a crime. But the statute's ambiguity on that score has opened the door for egregious prosecutorial overreach in this and other cases.

On Nov. 20, 2012, a jury found Auernheimer guilty of one count each of identity theft and conspiracy to violate the CFAA. Today, Auernheimer was sentenced.

Fair Or Fanning The Flames?

Supporters of Auernheimer say what he did was not a crime. Maybe it wasn't smart to expose a major vulnerability at AT&T and then rub the company's nose, but stupidity shouldn't be a federal offense. Friends and colleagues point out that the point of hacking is to gain something from it — and in this case, there was no money involved and nothing else to gain but besides a measure of celebrity.

Australian journalist and hacktivist Asher Wolf wrote a poignant piece today arguing that's it's insane to publicly tar and feather someone who spurred a company to fix a problem, even if he didn't choose the most orthodox means of doing it:

Putting Weev behind bars is pointless and tragic. Jailing the most outspoken men and women amongst our generation won’t stop the leaks, the hacks, the news revelations, the whistleblowers — and most of all it won’t stop the rage of the malcontent, dispossessed youth from eventually tumbling down upon the heads of the bureaucrats who sold us out and then tried to lock us up when we complained.

Bees To Honey

AT&T's vulnerability was basically low hanging fruit — just too easy a target for hackers to ignore. But the question of whether AT&T was asking for it is more complicated.

Sure, poor security is asking for trouble. But playing with fire will get you burned no matter how righteous and ethical you claim to be. "Our conduct doesn't happen in a vacuum," hacker Adrian Lamo — the guy who allegedly dropped a dime on Bradley Manning — wrote on Twitter today. "I don't think 3+ years is warranted for Weev, but in totality of circumstances, it's understandable."

I respect weev's reasons and even his means for their ethical consistency. But he got exactly what he planned to. He owns his outcome.

— Adrian Lamo (@6) March 18, 2013

Still, this is significant time for essentially not hurting anyone, as the British journalist Laurie Penny pointed out. By comparison, the Steubenville rapists were sentenced to just one year in juvenile jail.

Note that @rabite just got sent down for 3.5 years for computer violations. That's 1.5 years longer than the #steubenville rapists #freeweev

— Laurie Penny (@PennyRed) March 18, 2013

This isn't over. Auernheimer is appealing his conviction. And either another example will be made to hackers everywhere, or the sentence will be reduced.

At the end of the day, Weev and co. were nicer to AT&T than, say, hacker HD Moore — who published unpatched iPhone flaws and exposed another big bug in Apple's WiFi — was to Apple. But that doesn't seem to matter much in the boardrooms and courtrooms of America. In their view, all hackers are criminals.

Even many mainstream journalists think all hacking is a crime. Last night on 60 Minutes, for instance, Lara Logan basically accused Jack Dorsey's early work of bordering on just that. And even with the best of intentions, hackers' attempts to route around the system will likely never gain the benefit of the doubt with the public.

Instead, they'll just keep earning jail sentences, at least unless and until the courts — or Congress, though don't hold your breath — push back against prosecutorial overreach. And that, at least, will give them plenty of time to repent at leisure.

Lead image via Flickr user shane_curcuru, CC 2.0; image of Andrew Auernheimer via Wikimedia Commons

Tim O'Reilly once presciently described data as "the new Intel Inside," the primary source of competitive differentiation in a world where technology has largely been commoditized. While he referenced Google and other web giants, today mainstream enterprises have embraced Big Data as they seek to stand out. But a danger lurks.

The more companies embrace data to differentiate, the less it does so. O'Reilly thought data might be humbled by free data movements, much as proprietary software was hit by open-source software, but the culprit may actually be something more overtly benign: data-friendly applications.

Intel's Branding Coup

There was a time when consumers didn't care what chips ran their computers, a fact painfully reflected in Intel's stock price. But in 1991, Intel launched its famous "Intel Inside" branding campaign, and its stock took off. What had been considered commodity in 1990 suddenly became premium in 1991: the Girbaud jeans of their time. (Editor's note: Yes, we have pictures of Matt wearing Girbaud. No, they're not pretty.)

But O'Reilly wasn't arguing that data is simply a marketing slogan that can trick people into paying a premium for an otherwise commodity product. Instead, he reasoned that the few who manage to harness specialized databases are best positioned to charge for access to their data: "In the internet era, one can already see a number of cases where control over the database has led to market control and outsized financial returns." In turn, this control has enabled such firms to amass computing resources that, in turn, generate even more data (with subsequent lock-in).

But what happens when data goes mainstream?

Big Data Inside

This, after all, is what is happening within the enterprise. While we're still years away from Big Data becoming omnipresent, companies like Cloudera and EMC believe in a future when every enterprise mines vast treasure troves of data to glean insight and competitive advantage. For now, however, tools like Hadoop remain complex for most enterprises, and the science of data analysis has many enterprises scrambling for data scientist panaceas.

Big Data, however, promises to become easier, as Workday co-founder and Cloudera board member Aneel Bhusri reports:

.@mikeolson makes a great point: #hadoop value will be delivered through cloud apps vendors.ISV opportunity huge for #hadoop and @cloudera

— aneel bhusri (@aneelb) June 13, 2012

Bhusri is likely right. But if so - if Big Data becomes democratized (read: commoditized) through applications - how does it continue to set a data-driven company apart from its data-driven competitors? 

A Nicholas Carr Haunting

This line of questioning will sound familiar to those who have read Nicholas Carr's seminal "Does IT Matter?" As he wrote in 2007:

Behind the change in thinking lies a simple assumption: that as IT’s potency and ubiquity have increased, so too has its strategic value. It’s a reasonable assumption, even an intuitive one. But it’s mistaken. What makes a resource truly strategic – what gives it the capacity to be the basis for a sustained competitive advantage – is not ubiquity but scarcity. You only gain an edge over rivals by having or doing something that they can’t have or do. By now, the core functions of IT – data storage, data processing, and data transport – have become available and affordable to all. Their very power and presence have begun to transform them from potentially strategic resources into commodity factors of production. They are becoming costs of doing business that must be paid by all but provide distinction to none.

While a gaggle of enterprise IT vendors rushed to insist that IT does, in fact, matter, Carr's primary point - that the more the benefits of IT are distributed the less differentiating they become for any particular firm - seems to be confirmed by the effect of SaaS, among other things. IT has been simplified through SaaS and other trends, but it hasn't become more differentiating. If anything, it has become less so.

Is data any different?

"Big" Data Gets It Wrong

The answer is a qualified "maybe." Any particular technology trend loses its competitive bite when the mainstream adopts it, but this doesn't mean that there isn't value in harnessing that technology. Data is no different.

As Redmonk analyst James Governor postulates, "The advantage is in how you use the tech, not the tech itself." Just as owning Salesforce.com or the latest HP server won't differentiate your business, neither will owning massive quantities of data. New survey data from Infochimps confirms this: the top-two reasons for failure in Big Data analytics projects are lack of expertise to connect the dots between data and lack of business context for one's data.

The world has become fixated on the "big" in Big Data, but volume of data is not very interesting. In the (near) future, everyone will have data, and plenty of it. But asking the right questions at the right time, not merely asking "bigger" questions, will continue to drive serious competitive differentiation.

Big Data, in other words, is just the ante to get in the game. Going forward, real differentiation will inure to those businesses that know which data to use and how and when to query it.

Image courtesy of Shutterstock.

Online dating is weird as hell. You'd think this wouldn't be the case. After all, the algorithms that connect people on dating sites aren't theoretically all that different from the ones that power search engines and generate billions in revenue. So why is online dating still such a thoroughly imperfect experience? 

Amy Webb, like so many others, learned just how flawed the science of online dating is by going on a series of comically awkward dates with some pretty unbelievable characters. In her book, Data, A Love Story: How I Gamed Online Dating to Meet My Match, the digital media consultant and former journalist outlines how she "reverse engineered" online dating, reevaluated her strategy and met her future husband. 

This being the week of Valentine's Day and all, we thought it would be an opportune time to talk with Webb about her process and share some of the lessons she learned with you, oh lonely denizens of the Internet. Trust me, this is way more interesting than the romance-themed infographics we've been getting pitched all week.   

Decide What You're Looking For

Most people approach online dating like they approach joining any other social network: Set up a profile, upload a few photos that happen to be sitting on your hard drive, and fill out some personal info. The difference, of course, is that dating sites have an objective far more specific than an aimless timesuck like Facebook. 

Webb kicked off her digital quest for a mate by listing 72 traits she wanted her future partner to possess, which is how she recommends online dating newbies get started. Her initial brainstorm included everything from personal habits and marital history to work ethic and Mac vs. PC preference (Hint: John Hodgman would not have made the cut). 

The exact number of traits isn't all that crucial, as long as the list is as exhaustive as possible. "The most important thing is to sit down and write out a list," says Webb. 

Rank Your Top Traits By Priority 

Next, she broke her 72-point list into tiers: Using a combination of personal preferences and past experience, she narrowed down the ten most important characteristics and listed them as "top tier" traits. These were, in her book, the absolute deal-breakers. They were then ranked 1-10 in terms of importance. From there, she chose another 15 "second tier" traits. Not deal breakers, but still very important.

"I was looking for patterns to analyze," says Webb. "For example, there was a lot of crossover in my list when it came to family, religion and attitude towards work. When I noticed a pattern, I tried to distill from it the most important aspect of that data point."  

This approach helped her sort and tag her list and ultimately rank everything by priority. 

Come Up With A Grading System

Once her tiered list was complete, Webb assigned a total number of points to each item. Her top-tier traits were each given a total potential score: 100 for her top trait (intelligence) and 91 for her least-critical item in her top ten list (No history of cheating). The second-tier traits were all assigned a weight of 50 or fewer points, depending on their overall importance to her. 

The result was a 1000-point scale that would allow her to grade - and subsequently reevaluate - the men she dated based on the most meaningful data points. She set a threshold: Based on her initial online interactions, nobody scoring below a 700 would be worthy of an in-person date.  

It all might sound a bit obsessive, but as Webb quickly realized, this formula could have saved her the agony of going on karaoke dates with high-fiving cheapskates just a few weeks prior. 

Size Up The Competition

This is where things get interesting. Before setting up her new profile, Webb decided to evaluate the competition. The way most online dating sites work, there's no easy way to do this from your own account. So using her 1000-point grading system, Webb created two profiles of imaginary dream guys. That's right: She masqueraded not just as a man, but as multiple men, in order to see what kinds of ladies would be vying for the attention of the men she would find most desirable. In the end, she had created 10 fake profiles and interacted with 96 different women. 

This wasn't just an exercise in digital creepiness. It was a data-mining experiment of enormous value. During this phase of her quest, Webb unlocked insight into many aspects of the online dating universe, some of them more predictable than others. What correlations exist between profile popularity and hair color? What about the vocabulary used in people's profiles? How much did successful online daters refer to their career goals? What kind of photos performed the best? 

Using spreadsheets, TextWrangler and "other kludged-together applications," Webb analyzed all of this and more, manually collecting data as she went. She paid attention to things like which gender initiated conversations most and made data visualizations of the most commonly used words in the profiles of popular women. 

"If I was in another setting – like a bar, or party or work – and found someone attractive, I'd immediately look around at my competition," Webb explains. While some sites do allow you to take a look at the competition (which would save you most of the trouble here in step four), JDate does not, so Webb had to game the system in order to see the big picture. 

In the process, she discovered that the LinkedIn-esque approach she had used to build her original profile was way off-base. 

Build Your Data-Fueled Super-Profile

Armed with these new insights, Webb set out to create what she calls her "super-profile." It was concise, used positive language and wasn't as fixated on work. She focused more on her desire to travel the world than on her HTML chops. She also realized that the photos she happened to have on her laptop weren't cutting it, so she uploaded new ones based on everything she had learned by looking at the more popular users.

She showed a little more skin and scaled back on attempts at humor, which can often get lost in the context of a social profile. In short, she optimized her profile, not unlike a product page - an analogy that isn't far off from how Webb encourages people to think about their presence on Match.com or OKCupid. 

"We SEO websites all the time to ensure that they get seen first in the vast catalogue that is Google," Webb says. "Why should online dating be any different?" 

Ready to take a break from Facebook, or just want a nice local backup of all the data you've uploaded to the social network over the years?

Turns out that downloading your stuff from Facebook is a lot easier than it used to be. Even for someone like me, who's racked up a massive amount of data over the years.

As Facebook user #806469, I was among the first million people to join the service, and I've used it pretty steadily since the spring of 2004 - accumulating more and more history all the time. Perhaps most importantly, I've uploaded 4,186 photos to date, and I want to make sure I keep every one of them. Downloading all of my contacts would be nice too, though Facebook doesn't make that easy.

Backing up everything else was surprisingly straightforward, however, using Facebook's built-in archival tools. 

5 Steps To Backing Up Facebook

Step 1. Click the little gear icon in the upper right corner and navigate to Account Settings.

Step 2. Figure out what you're after. You can download the primary copy of your user data or you can choose to download an "expanded archive.. The latter is an interesting, more technical glimpse at your Facebook activity over time (shown below). Facebook has a nice guide that breaks down what you'll find where. I downloaded both, because, well, why not?

Step 3.  Input your password to start downloading a copy of your information. Amazingly, my download was only 350MB, and considering how many photos I have stored, I imagine that's on the (very) high end compared to most Facebook users.

Step 4. Pore over your data! You'll get a folder with your user name that you can explore. It has two main subfolders: html and photos. The first one - html - is where all of your archived messages, likes, wall posts and everything else shows up. In the "friends" file you might be able to find some of your Facebook friends' email addresses included to the right. There's also an html version of your photo albums in here. The second main folder is a very nicely packaged directory of all of your photos in .jpeg form. 

Step 5. If you opted to download the expanded archive, you'll have even more weird stuff to check out. Try the deleted friends folder for starters. The pokes folder is predictably also a good time stroll down memory lane. 

All told, this process is way easier than I thought it would be. And I'm still kind of amazed that the export tool hands over all of your photos in .jpeg form.

Contact Information Is The Sticking Point

Unfortunately, Facebook keeps an iron grip on the email addresses and phone numbers of your Facebook friends. Considering those would be a pretty handy way to cut out the big blue social network altogether, it makes sense from Zuckerberg's perspective, but it's still annoying. There used to be a workaround involving Yahoo Mail that's since been patched, so if you know of any good, safe and legal ways to extract your contacts from Facebook, do tell in the comments.

That's it.

Backing up your Facebook data is a good idea whether you have plans to delete your Facebook account, want to take a break or just want a little peace of mind by having all your Facebook data at hand. Best of all, a process that used to involve way more identity confirmation and often third-party browser plugins and the like is amazingly easy these days. 

Image of Facebook in browser via Shutterstock.

It's not exactly news that Facebook continues its epic reign among social media sites - but it's still surprising just how much it dominates. According to data cobbled together in a new infographic from San Francisco law firm Morrison & Foerster's Socially Aware Blog, each month, visitors spend an average of 6.75 hours on Facebook. At first gloss, that may not sound like much, but that's almost double the amount of time users spend with Tumblr, Pinterest, Twitter, LinkedIn and Google+ - combined.

Beyond chipping away at work day productivity, Facebook is hugely popular as a multi-screen activity. Among TV viewers, 61% report cruising the Web while watching the tube and 29% report going on Facebook while watching TV. If you want more juicy aggregated data about how Americans are using the social web, see the infographic:

The Bulgarian blogger and digital rights activist who made headlines on Tuesday when he reported acquiring more than one million Facebook data entries for just $5, said Friday he is cooperating with Facebook as it conducts an internal investigation, but won't comply with the company's request to remove blog posts or not talk about the investigation.

Facebook Requested Silence

In an interview with ReadWrite, Bogomil Shopov said he had been contacted by Facebook's Platform Policy Team after revealing on his blog that he had acquired the list, which included email addresses of active Facebook users who were primarily located in the U.S., Canada and Europe. Shopov said officials with the company were upset because they feared his public revelation would upend an internal investigation.

(Read Shopov's new blog post: Mixed Feelings After Conversation With Facebook.) 

Facebook declined elaborate on the details of its investigation.

“Facebook is vigilant about protecting our users from those who would try to expose any form of user information. In this case, it appears someone has attempted to scrape information from our site," Facebook spokesman Chris Kraeuter said in an email statement. "We have dedicated security engineers and teams that look into and take aggressive action on reports just like these. We continue to investigate this specific individual.” 

Facebook Wanted To Destroy The Data

In addition to requesting that he keep conversations with Facebook private, the company also requested that Shopov destroy the data after sending a copy to Facebook. Shopov said he complied with the request to destroy the data but was continuing to speak with news outlets to make Facebook users aware of the breach.

That didn’t sit well with Facebook, according to Shopov. 

“Their version is [they are conducting] an ‘internal investigation’ and one of the reasons they are angry about my blog posts is that the seller can ‘go deep’,” Shopov said, explaining Facebook is concerned the seller will disappear before the investigation can figure out how the data was obtained.

A Black Market In Facebook Data?

Shopov provided ReadWrite with a cached link to the site where he purchased the data. The offer was removed within two days after his initial blog post on Tuesday, October 23, but the cached version shows that the seller obtained the data through an unidentified, third-party application. This raises the question of whether there's an international black market where anyone can buy supposedly secret Facebook user data. 

Shopov verified that some of the addresses were legitimate and had planned to notify people on the list that he had purchased the data. Facebook asked him to not notify people included on the list, Shopov said.

“We agreed with Facebook not to do that,” he said. “That was actually my first reaction, to tell them and to teach them about their rights.”

(Read Shopov's original blog post I Just Bought More Than 1 Million... Facebook Data Entries. OMG!)

Lead image: 1000 Words / Shutterstock.com