Facebook leaks millions of names, phone numbers and emails
A new data protection scandal affects Facebook users and employees. According to specialists, more than 267 million user IDs, phone numbers and usernames were exposed due to an unprotected database, so threat actors were able to use this exposed information to deploy phishing and spam campaigns.
The database was reported by renowned
researcher Bob Diachenko, who specializes in the search and reporting of
information exposed online. A report from security firm Comparitech mentions
that access to the database has already been disabled, however, before securing
the information an unauthorized user copied the database and uploaded it to a
hacking forum, from where it is possible to download it.
The information presented appears to belong to Facebook users based in the United States and includes personal details such as full name, Facebook identification key and phone numbers, data protection experts report.
In preparing the report, Diachencko mentioned
that the data would have been compromised due to an information collection
campaign or a social network API failure. Data collection on the platform goes
against Facebook’s usage policies, although it is a very difficult practice to
combat, especially when people use Facebook as a public profile.
The main measure that Facebook users can
implement against these data collection activities is to change their profile
settings. In the “Do you want search engines outside Facebook to link to
your profile?” you must select the option “No”; this way only
your contacts within the platform will have access to your information.
Ignoring SMS from unknown numbers is also a good security measure, data
protection experts say.
Facebook has faced data protection issues
multiple times this year. Just a few weeks ago, confidential information of Twitter
and Facebook users was compromised due to the use of malicious Android apps,
downloaded from sources outside the official Google Play Store platform. A couple
of months ago it was also reported that an API bug gave some developers access
to multiple details about participants from thousands of Facebook groups.
However, data protection specialists from the
International Institute of Cyber Security (IICS) say one of the worst incidents
occurred in September, when an exposed database containing telephone numbers
was discovered associated with millions of Facebook accounts, some records even
showed the names of users.
These kinds of incidents happen all the time and
social media companies seem to do very little to protect the information under
their backing, so users need to take additional precautions. Periodic password
reset is a good option to prevent these incidents because, in case a data
breach reveals these details, the user’s access credentials might be out of
date, protecting their data to a large extent.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
Gloss