Facebook Data Breach — April 2021
It was April 3rd, 2021 when hackers posted Facebook users’ private information online in a hacking forum for free. A hole in their security led to a leak of over 533 million users’ data. The Information leaked would possibly be used to identify individuals from 106 different countries, where the US, the UK, and India had the greatest number of exposed records respectively. Alon Gal, co-founder, and CTO of cybercrime intelligence firm Hudson Rock was the man who discovered this breach.
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” — Stephane Nappo.
Cyberspace will be the next tool of warfare in the coming times, it won’t be on Sea, Air, or Land. So we won’t be needing Generals to prepare for the War Strategies or Fighter jets taking sorties nor we will be needing soldiers standing with an AK-47 in hand ready to fire at the enemy. There may not be Generals preparing War Strategies or Tanks rolling on the ground to hit targets nor gung-ho Infantry soldiers on the ground who will be facing direct enemy automatic fire. Instead, there will be a group of nerds and n00bs wearing cool sweatshirts or black hoodies and pants with a diet coke and some Nachos on their desk along with their Arsenal of Computers and Electrical devices and RGB lights on their background with proper kind of a Lab setup.
While things like cryptocurrencies theft and data loss have become commonplace in 2021, millions of new cyber security incidents have been reported, this year distinguishes out owing to many high-profile attacks including ransomware, supply chain attack, and critical vulnerability exploitation.
According to the ITRC (Identity Theft Research Center), there was a 17 percent increase in data breaches in 2021 compared to 2020.
Big companies like Amazon, Google, Microsoft, and other elite companies of Silicon Valley all have a history of getting hacked. In this article, we shall look into the data breach of one of the most famous social media firms “Meta”, formerly “Facebook”. How their servers have been breached during this Coronavirus-induced pandemic from 2020–2021.
Before jumping into the case study, we need to know some basic things regarding the Data Breach.
What is Data Breach?
According to Wikipedia, A data breach is a security violation, in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.
Or in the simple definition, we can say that A data breach is an incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner.
According to IBM’s “Cost of a Data Breach Report 2021”, the average cost of a data breach has now reached over $4 million, while Mimecast estimates that the average ransomware demand levied against US companies is well over $6 million. The world record for the largest payout, made by an insurance company this year, now stands at $40 million.
Many firms are targeted by hackers in this era of massive enterprises and industries since they are the Gold Mine of Data. Data is defined as anything that belongs to a person or a company, such as an email address, address, personal documents, name, age, biometrics, chat logs, and so on. Due to server flaws or a lack of cyber protection, hackers attack them as sitting ducks. Once such information falls into the wrong hands, it may cause chaos, such as being used for illegal purposes.
Facebook Data Breach
We have seen about data breach, now let’s see how Facebook data breach happened, what type of data was exposed, how that data may affect users, how we can get to know whether we have been compromised or not, and finally how we can secure our self!
Approximately 533 million Facebook users’ personal information was disclosed by a user on a forum. This data breach is comparable to LinkedIn’s security incident, in which an unknown hacker sold data from over 500 million users online after dumping two million users’ data as proof. The number of users impacted was global, and Business Insider independently validated the accuracy of the data, verifying that the breach was genuine. A Facebook spokesperson told Insider that the data had been scrapped because of a vulnerability that the company patched in 2019. People also confirmed records by testing email addresses from the data set in Facebook’s password-reset feature, which can be used to partially reveal a user’s phone number.
According to the company, before September 2019, a bug in Facebook’s contact importer allowed people to “imitate our app and upload a large set of phone numbers to see which ones matched Facebook users, [allowing them to] query a set of user-profiles and obtain a limited set of information about those users included in their public profiles.”
How did the data breach happen?
Facebook’s contact importer tool, which allows users to discover friends on the social network app using their phone’s contact list, was primarily used to gather private information from users. After discovering that the contact importer vulnerability was being exploited, Facebook announced it had patched it. The company said that It’s essential to highlight that the attackers didn’t penetrate the firm’s systems by injecting malicious code that would compromise its security defenses. Instead, the data was scraped from its service by the attackers.
“ Scraping data using features meant to help people violates our terms. We have teams across the company working to detect and stop these behaviors. We’re focused on protecting people’s data by working to get this data set taken down and will continue to aggressively go after malicious actors who misuse our tools wherever possible. “ — Mike Clark, Product Management Director at Meta
What kind of data was leaked?
The database contained personal information of Facebook users, which included
- phone numbers,
- Facebook IDs,
- full names,
- addresses,
- birthdates,
- bios, and, in some circumstances,
- email addresses.
In the process, even Facebook CEO Mark Zuckerberg’s credentials were reportedly exposed. The data was then exposed on the dark web by threat actors. Users’ financial information and passwords were kept private.
According to a Facebook spokesperson, the data was scrapped as a result of a vulnerability that the firm patched in 2019.
Even though the data is a couple of years old, cybercriminals who misuse people’s personal information to impersonate them or deceive them into handing over login credentials may find it useful.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts,” Alon Gal told Insider.
Critics claim that this is simply Facebook’s attempt to downplay the effects of the data breach. Facebook apologized for the data breach in 2019 but never told users that their accounts had been compromised.
Facebook’s Monopoly
This was not the first time Facebook had suffered data breaches. Even in 2019, millions of users’ phone numbers were scraped from Facebook’s servers in violation of its terms of service.
“Privacy does not come from monopoly. Facebook’s data breach problems are the inevitable result of a monopoly, in particular, the knowledge that it can heap endless abuses on its users and retain them.”
Facebook has no plans to notify individuals whose information was exposed because the corporation claims it does not know who was affected. Despite the patch, 419 million data containing user IDs and phone numbers were exposed in September 2019. Then, in December 2019, a Ukrainian researcher discovered on the open Internet a database containing the personal information of over 267 million Facebook users. When queried about the data breach, Facebook stated that it was caused by a vulnerability in an older version of their software. While the flaw was patched in 2019, the data was certainly leaked before that. Although the leaked data is old, the personal information provided is still a clear violation of privacy. This was the reason Facebook had to pay around 5 Billion USD to Federal Trade Commission.
How data breaches can affect users?
In June 2020, a member of a hacker community began selling Facebook data to other members, but what made the breach stand out was the fact that it featured member information that could be scraped from public profiles as well as private mobile numbers linked with the accounts.
Data from the 2021 Facebook data breach is already being sold on several groups on the cloud-based messaging platform Telegram, according to Alon Gal. Furthermore, the data set appears to be all over the Internet on numerous hacker forums.
Email fraud, scam phone calls, phishing attempts, SIM switching, and targeted advertising are all possible activities with the stolen information. It may be used to plan and carry out a variety of criminal internet scams. Hackers can impersonate users and conduct financial transactions on their behalf without their knowledge or consent.
How to know whether our data is breached/stay safe?
Unfortunately, if you’ve had a Facebook account since 2019 or earlier, your information was likely included in the leak. Strange emails or messages demanding further information or urging the user to click on attached links should be avoided by all Facebook users. Because the leaked data includes email addresses and phone numbers, you should be on the alert for phishing attacks. Unexpected phone calls from strangers asking for personal information, as well as emails that raise an eyebrow, should be seen as threats. You should be able to prevent any negative consequences from the leaks if you keep an eye out for red signals.
HaveIBeenPwned.com is a website that allows users to find out whether their data has been leaked or hacked. The webpage has been updated to reflect the presence of hacked phone numbers and emails. All they have to do is type in their email address and wait for the results.
The latest collection of information to be added to the engine is from Facebook, and you should verify both your email and phone number, as just 2.5 million of the entries have an email address. As a result, if you only search your email address but not your phone number, links to the Facebook breach may not show. If you were one of the persons affected by the data breach, the first thing you should do is change your password. To handle several, strong passwords across different apps, you may use a security service like 1Password. To access their accounts, Facebook also suggested that users use two-factor authentication as a security measure. While there is nothing you can do after your data has been leaked, if you were a victim of the breach, you should be on the lookout for phishing attempts or fake cold calls. It will also let you know whether you’ve been hacked in the past, so you can better protect yourself in the future.
Conclusion
Facebook has a long history of failing to protect client data, and it has been in the news for enormous data breaches that appear to be growing in size every year. With yet another disclosure of mishandled data, it’s unsurprising that Facebook users are growing increasingly irritated. They’re sick of apologies followed by declarations about how seriously Facebook takes their privacy. If you aren’t ready to cancel your Facebook account or don’t think this is a feasible option for you, please read this post on how to use Facebook safely and control your privacy settings.
This was all for today, will be coming up with more such case studies and data breach story… till then
