Facebook’s Massive Data Breach: Is your Data now available on the Internet?

It is not new that Facebook is in the news again for Data Privacy issues. The privacy battle for Facebook has been ongoing for years now and yet again the breach of personal data of 533+ million users is making highlights.

Personal Data such as Name, phone number, location, date of birth, place of work, etc., of 533+ million Facebook users from across 100+ countries has been found available on the internet for free. Almost 6 million users’ data is from India, additionally hitting massively the accounts operated out of US and UK. While we are all clueless about our data and Facebook’s claims about its strong security and privacy policies, ironically, CEO Mark Zuckerberg’s data has also been leaked.

Facebook has associated this leak with the one which was reported previously in 2019 due to vulnerability in the system which was later patched. The claims are that the data is the same old data. Does that mean that the data has been circulating for a while now? OR The patching was weak enough to be exploited again? Well, these are questions that Facebook will have to answer after their internal investigation. However, this clearly shows how negligently the data of millions has been handled by the widely used and trusted social media platform. It is not only Facebook that has been in news lately for its privacy issues, the other affiliates have been making news too. It was recently when Whatsapp’s privacy policy surfaced and privacy concerns are howling across the globe. Instagram had too been in news for various data breaches lately. With this, the security and privacy dynamics of Facebook and its owned companies are alarming. 

The breach has not only put your privacy at risk but also your physical security. It could expose so many users to various threats, cyber threats scoring the list. It is very important for the users to act diligently and with awareness in the upcoming days while handling your data online, and attending to marketing calls which can be an attempt to phishing. With such a high number of records being in question, it is difficult to say whether or not your data was leaked and if it is now available on the internet. Though it is easier to check the same by using “haveibeenpwned”- a platform to check if your data has been breached, it is nevertheless a good idea to take precautionary steps.

What you can do?

  • Remove any unnecessary, excessive or sensitive data from the app.
  • Update your password- not only now but frequently.
  • If the password used for logging into Facebook is common with any other app, or there exists a common pattern for choosing your passwords, it is recommended to change all such passwords.
  • Set up two-factor authentication where possible.
  • In case your data has already been leaked, there is a high chance of scammers setting up traps. It is really important to be cautious with scamming calls.
  • Do not share your information with anyone online even if they claim to know some of your personal data. There are highly likely chances of fraudsters calling and asking for transaction details or making you fall prey to many other online frauds. Don’t share your pins or OTPs.
  • Keep your settings private.
  • Don’t accept requests from strangers or entertain messages.
  • In case of any message asking for personal details, or financial favors, don’t act on them even if is received from a profile of your known ones. Check with them personally over call in case they need some help. Do not act on any online instructions by anyone unless it from Facebook itself and that too from authentic and reliable source.
  • Please be alert with all your online activities as there could be potential attacks such as impersonation, spam calls, e-mails, harassment, social engineering, extortion, phishing campaigns- even a phishing mail from Facebook itself!

Social media has been a double-edged sword. It has brought the word together and exposed millions at a level either not expected or to cybercrimes. Though sharing about yourself with the world on social media is alluring, one should be mindful of what is being shared, the extent of sharing, and the repercussions of the same. While Facebook is yet to release an official statement about the break, it will be interesting to see how the legal recourse will look like given the GDPR, CCPA, Brexit, discussions on Privacy Shield 2.0, and many other national and international data handling laws and agreements. Data Protection Authorities across the world have started validating and investigating the matter affecting the personal data of their respective country’s users. Philippines NPC has reached out to Facebook’s privacy officer for more details whereas Irish Data Protection Commission is too looking into the matter. Being a massive data breach affecting people globally, Facebook will be under the scrutiny of various privacy watchdogs. It will also be interesting to see how India addresses the situation when there is no adequate data privacy regulation or a dedicated National Data Protection Authority, albeit the number of users in question are huge from India.

Stay tuned to hear more on matter in our upcoming blogs.  

About Ashna Mehta 2 Articles
Ashna Mehta is a qualified techno-legal enthusiast and a DCSI certified Privacy Professional. She has worked in the industry as an external consultant as well as in-house advisor for Privacy and Information Security compliance. Ashna is passionate about securing an individual’s privacy in the ever-growing cyber space. She has a vast experience in developing and implementing Privacy Frameworks for the organizations and conducting awareness programs on Information Security and Data Privacy.

Be the first to comment

Leave a Reply

Your email address will not be published.