Facebook is no stranger to data hacks and leaks, with the company having been on the receiving end of many high-profile security breaches in recent years. For example, back in 2018, the social media giant revealed that it had inadvertently exposed the personal information of more than 50 million users due to a small error in its platform coding, thus allowing miscreants to gain access to its users’ accounts.
Similarly, in 2020, the Mark Zuckerberg-led firm was embroiled in another major controversy when it came to light that thousands of developers had been able to access data from inactive platform users, again drawing the ire of many folks across the globe.
Now in 2021, the tech juggernaut has once again been hit with a fresh wave of data leaks, however, this time around, the number of users whose records were exposed was not 50 million but a staggering 500 million. On April 3, Alon Gal, chief technical officer of security firm Hudson Rock, revealed that sensitive personal information for over half a billion Facebook users was shared on a well-trafficked hacking forum.
To be more specific, the records include phone numbers, full names, locations, birthdates, bios, and, in some cases, email addresses of over 553 million located users across a total of 100 countries. Not only that, of the above-stated figure, 32 million users are apparently from the United States, while 11 million are from the United Kingdom.
Lastly, this data which is now doing the rounds online has potentially put at risk the savings of millions of digital currency traders and hodlers who now may be vulnerable to SIM swapping and other identity-based attacks, which have happened in recent years.
What should be done?
How exactly does this most recent breach place at risk the crypto assets of individuals? Dave Jevans, CEO of blockchain security firm CipherTrace, told Cointelegraph that people who have had their phone numbers leaked need to be extra cautious since a lot of fraud involving digital assets hinges on such info, adding:
“We’ve seen an increase in SIM swaps, phishing attacks and other types of fraud involving cryptocurrencies that rely on acquiring the phone numbers of victims to execute. Leaked info about the identity of high-profile crypto users gave bad actors the ability to target them.”
He went on to add that individuals who believe their crypto may be at some sort of risk need to reconsider their existing privacy strategies — basically, thinking twice before storing all their holdings in a centralized exchange that may leverage user phone numbers for two-factor authentication.
Jevans further opined that managing one’s own keys could be a better way to protect our valuables from being phished via the use of stolen phone numbers. However, he conceded that even that may not be enough. “Phishing attackers can still use other means of acquiring account and address information, but it’s much harder,” he added.
Providing a take on the matter, Ben Diggles, co-founder and chief revenue officer for Constellation — a scalable enterprise-grade blockchain creating a standard for securing data in transit — told Cointelegraph that Facebook’s latest security lapse is not surprising, especially since most users of the social media platform tend to adhere to a different mindset — i.e., they like their world to be managed and organized for them.
He added that for most users, if they forget their passwords, they can just have the system reset it for them. Not only that, in Diggles’ view, most folks using Facebook aren’t even totally aware of how big their digital footprint actually is — a facet that Facebook doesn’t make too obvious either — adding:
“Those that are crypto holders that were on the list have little to worry about unless they were storing descriptive details of their holdings and access on their Facebook account. However, these hackers have gotten really sophisticated, so I have no idea what tricks they may…
Read More: Here’s how hackers can exploit data