Facebook Shares Your Views, But Their Breach Shared Even More

Facebook may be the ultimate place to connect, talk and share memories with friends and family, but you believe you have the control over who exactly sees what when it comes to your profile.

Unfortunately, the place where we like to control what people know about us has suffered one of the all-time biggest data breaches in history with half a billion Facebook users from 106 countries impacted.=

If you think those numbers are terrifying, there are more than 533 million sets of data to be concerned over. The underlying theme present further shows everyone that systems in place cannot protect our information from those who use it for financial gain. If those factors are not worrying you, then not being able to determine whether your data was compromised in the breach surely may.

The Event

The data breach resulted in over 500 million Facebook user details being published on an underground website utilized by cybercriminals.

What was discovered very quickly was that this was not a new crime, but rather an older one which came back on Facebook from an initial repair Facebook claimed happened in August 2019. Whilst the exact source of data is not verified, it is guessed that it would have been acquired through the misuse of legitimate functions in the Facebook systems.

These occur when innocent features of websites are used for unexpected purposes by attackers, such as the PayID breach in 2019. This allowed criminals to mine Facebook for personal user information through techniques that automate the process of harvesting data. Those familiar with the 2018 Facebook Cambridge Analytica scandal will no doubt recall that the focus was also on the misuse of a legitimate function of the platform.

The problem lies in that whilst the data was obtained legitimately as far as Facebook rules are concerned – the passing to a third party without consent was not.

Protecting Yourself

Whilst there is nothing users could have done to protect themselves proactively due to the systems themselves being the target, the option to fully withdraw from the platform is an option they could take.

Otherwise, there are other avenues to help protect their data. For starters, it may be a case of pondering what you share on the platform. Taking away profile details such as your birthday, contact email or linked accounts like Twitter or Instagram. Even posting innocent photos can reveal a lot about you, or quizzes you take through the platform that requires you to input personal information.

Although using Facebook logins to sign into other websites and accounts saves time, it doesn’t save your data from misuse. It also helps to use more unique passwords that you can write in a book, safely away from online use and unknown to any potential attacker. You could even change them on a monthly rota to help keep them secure.

You can also download a full list of information Facebook has on you which is destined to be a scary reveal, which is great if you consider leaving and want your data prior to taking the step.

For more information on enterprise security, identity management and any upcoming cybersecurity conference, check out the events from Whitehall Media.