The government's premier cyber security organisation CERT-In has asked users of Facebook to secure their profile information on the social networking site after it was flagged that personal data of 533 million Facebook users globally, including details of 6.1 million users from India has been allegedly leaked online and posted for free on hacking forums.
The Computer Emergency Response Team put out an alert on Monday saying that it has been reported that globally there has been a large scale leakage of Facebook profile information. The exposed information includes email addresses, profile ID, full name, job occupation, phone numbers and birth date. According to Facebook, the scraped information does not include financial information, health information or passwords. The company has also claimed that based on its investigation, threat actors scraped this data prior to September 2019, by using Facebook's "contact Importer" feature, which allows users to find other users by using their phone numbers, said the public advisory.
It recommended that users consider changing their profile settings to "private" or "friends" only as data scrapers can use "public" information of an individual to "match and combine with data from other breaches to access even more of their personal information and accounts".
It also asked users to adjust their settings to who can find and contact them on Facebook and consider whether to set them all to "friends" or stricter for stronger security.
"As the Facebook platform evolves and grows, parts of your account could be public. Data could also be collected and shared in ways you don't know about," CERT-In said in a public advisory issued on Monday.
The advisory asked users to follow good cyber hygiene practices, and also said that Facebook has advised individuals to "make sure that their privacy settings reflect what information they want to share publicly and who they want to be able to look at them by phone number".
Facebook, it added, has also recommended account holders to enable two-factor authentication also known as 2FA.
The Computer Emergency Response Team put out an alert on Monday saying that it has been reported that globally there has been a large scale leakage of Facebook profile information. The exposed information includes email addresses, profile ID, full name, job occupation, phone numbers and birth date. According to Facebook, the scraped information does not include financial information, health information or passwords. The company has also claimed that based on its investigation, threat actors scraped this data prior to September 2019, by using Facebook's "contact Importer" feature, which allows users to find other users by using their phone numbers, said the public advisory.
Liking this story?
Get one mail covering top tech news of the day in under 5 minutes!
Please wait...
It recommended that users consider changing their profile settings to "private" or "friends" only as data scrapers can use "public" information of an individual to "match and combine with data from other breaches to access even more of their personal information and accounts".
It also asked users to adjust their settings to who can find and contact them on Facebook and consider whether to set them all to "friends" or stricter for stronger security.
"As the Facebook platform evolves and grows, parts of your account could be public. Data could also be collected and shared in ways you don't know about," CERT-In said in a public advisory issued on Monday.
The advisory asked users to follow good cyber hygiene practices, and also said that Facebook has advised individuals to "make sure that their privacy settings reflect what information they want to share publicly and who they want to be able to look at them by phone number".
Facebook, it added, has also recommended account holders to enable two-factor authentication also known as 2FA.
Read More News on
1 Comment on this Story
 | M.L.GUPTA11 hours ago Security is a silly notion- an illusion as you are using extensively a facility which normally would cost you millions of Dollars a month. You enjoy everything at these platforms and still think it comes for free. Why suffer such illusions? This extremely vital information is being collected, collated, analysed and strained for foreign policy goals of the New Age Technological Empire, which is likely to be established in the next 20 years. COVID-19 like biological bombs are designed to push the users to "poverty". The anti-dote lies in India making its own platforms to protect information. In modern times even the most insignificant looking information such as just a word or gesture is sensitive information. Let us not expect a foreign platform to render free service honestly. |