An analysis of the Facebook Data Breach

In 2021 Facebook counts more than 2.74 billion active users worldwide, roughly the combined population of India and China.
On April 3 a user discovered a list of Facebook users’ details published online, for free, on an underground website used by cybercriminals.
The published accounts represent about 20% of all Facebook users in the world, spread across 106 countries. The leak includes personal information on 533 million Facebook users, such as phone numbers, Facebook IDs, full names, locations, birth dates, and email addresses.
It now looks certain that this is not a new data breach but an older one: the data is believed to relate to a vulnerability that Facebook reportedly fixed in August 2019. However, once such data escapes from Facebook’s network, the company has limited power to stop it from spreading online. Among the countries involved in the data breach, Italy ranks second, as shown in the next chart.


Chart showing the most impacted countries on Facebook data breach

How can the data breach affect you?

Data breaches like this feed the information gathering phenomenon, i.e. the collection of information from sources (both legal and illegal) in order to launch targeted attacks that detection systems cannot perceive, aimed directly at people in high-level positions within a company, such as top-ranking executives.
Information gathering is the starting point for many other attack activities.
«I could use your phone number, obtained from this breach, to send you a phishing SMS or malware (posing as one of your contacts, someone you know or a sender you trust). The same with your email address.
I could try brute-force attacks using the password you set up on Facebook and try it on other services, as many people set a unique password for all services (spoiler: don’t do that!). I could also profile your WhatsApp logins to figure out when you go to sleep and when you wake up; I can use this information to work out when the right time is to break into your house and steal everything», said Mirko Caruso, Head of Cybersecurity and Defence at Intellisync.

Graph with the number of Italian managers involved in the Facebook data breach

As this graph shows, built by mining the leaked user records, a number of influential people appear in the data leak, and this exposes their companies to digital risk.
This suggests that users on this list face a real threat of becoming spear phishing victims. Spear phishing is a particular form of phishing (i.e. of malicious email) addressed to a specific person, especially one in a high-level position, to induce them to open a malicious attachment.
You can check whether you are part of that breach on a popular website named Have I Been Pwned, which is a good first step.
By entering your email address or your phone number, you can check whether it appears in a known data breach.

And if you do find out that your data has been compromised?

Three ways to secure access and strengthen security:

  • Change the passwords of compromised sites;
  • Set up two-factor authentication for additional security;
  • Monitor and control access and security, with a focus on access-related IP addresses.
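The third recommendation, monitoring access with a focus on the IP addresses logins come from, is the one that turns a leaked password into a detectable event rather than a silent one. The following script is an added example written for this post, not code from the original article or from Intellisync. It reads authentication log lines in a constructed, hypothetical format (`timestamp user=… ip=… result=…`), builds a per-user baseline of IP addresses already seen, and raises an alert for a successful login from an IP never seen for that user and for a burst of failed logins from a single IP, the pattern left behind when a password taken from one service is re-tried against another. All log lines below are constructed sample data.

```python
# Added example (not part of the original post): login monitoring over
# constructed log lines. Two detections are implemented:
#   (a) a successful login from an IP never seen before for that user;
#   (b) a burst of failed logins from one IP within a short window.
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample log lines in a hypothetical format; not real data.
# The last block shows an IP that fails five times against one account
# and then succeeds, while the same IP also logs in as another user.
SAMPLE_LOG = """\
2021-04-05T08:01:10 user=m.rossi ip=203.0.113.10 result=success
2021-04-05T08:30:42 user=m.rossi ip=203.0.113.10 result=success
2021-04-05T09:12:03 user=a.bianchi ip=198.51.100.7 result=success
2021-04-06T02:14:55 user=m.rossi ip=192.0.2.77 result=success
2021-04-06T02:15:01 user=a.bianchi ip=192.0.2.77 result=failure
2021-04-06T02:15:03 user=a.bianchi ip=192.0.2.77 result=failure
2021-04-06T02:15:04 user=a.bianchi ip=192.0.2.77 result=failure
2021-04-06T02:15:06 user=a.bianchi ip=192.0.2.77 result=failure
2021-04-06T02:15:08 user=a.bianchi ip=192.0.2.77 result=failure
2021-04-06T02:15:20 user=a.bianchi ip=192.0.2.77 result=success
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) "
    r"result=(?P<result>success|failure)$"
)


def parse_events(text):
    """Parse log lines into dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def detect_new_ip_logins(events):
    """Alert on a successful login from an IP not previously seen for that user.

    The baseline is built while walking the events in time order, so a user's
    first ever login establishes a known IP instead of firing an alert.
    Returns a list of (user, ip, timestamp) tuples.
    """
    seen = defaultdict(set)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["result"] != "success":
            continue
        if ev["user"] in seen and ev["ip"] not in seen[ev["user"]]:
            alerts.append((ev["user"], ev["ip"], ev["ts"]))
        seen[ev["user"]].add(ev["ip"])
    return alerts


def detect_failed_bursts(events, threshold=5, window=timedelta(minutes=1)):
    """Alert when one IP produces `threshold` or more failures inside `window`.

    Uses a sliding window over each IP's failure timestamps.
    Returns a list of (ip, first_failure, last_failure, count) tuples.
    """
    failures = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["result"] == "failure":
            failures[ev["ip"]].append(ev["ts"])
    alerts = []
    for ip, times in failures.items():
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                alerts.append((ip, times[start], times[end], end - start + 1))
                break  # one alert per IP is enough for this illustration
    return alerts


if __name__ == "__main__":
    events = parse_events(SAMPLE_LOG)
    for user, ip, ts in detect_new_ip_logins(events):
        print(f"NEW-IP  {ts} {user} logged in from {ip}")
    for ip, first, last, count in detect_failed_bursts(events):
        print(f"BURST   {count} failed logins from {ip} between {first} and {last}")
```

On the sample data the script reports two new-IP logins (both from 192.0.2.77, including the one that follows the failed burst) and one burst of five failures from that same IP. In a real deployment the baseline would be persisted rather than rebuilt per run, and a new-IP alert is usually enriched with geolocation or ASN before it reaches an analyst; the thresholds are assumptions chosen for the illustration.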

Lessons learned

First off, if it wasn’t already obvious, cybersecurity requires constant vigilance and is definitely an arms race. These days, it’s a matter of when you are breached, not if.
With that being said, securing information is not only the individual’s responsibility: companies and organizations must also ensure security within their infrastructure in order to protect their employees and the business itself from these threats.
Whoever is accountable for company security should have a recovery plan ready to implement after a data breach. A Forrester study confirms that 38 percent of enterprises admit that they have lost business because of a real or perceived lack of security performance within their organization.
According to the Identity Management Institute, stolen employee access credentials are one of the leading causes of data breach incidents, which cost businesses about $2 trillion in 2019.
In fact, stolen employee passwords are responsible for about 90% of cyber attacks according to leading industry and government reports.

Intellisync can provide you with secure infrastructure and systems conforming to the NIST framework, with incident response procedures.

Sources:

  • Better Security And Business Outcomes With Security Performance Management, Forrester Consulting.
  • Identity and Access Management Market Analysis, Identity Management Institute.
  • Digital 2021 Report, We are social.
