Social media and other online platforms are witnessing the worst cyber hacks and data leaks these days. Hackers are using advanced strategies to take away the accounts and sensitive information of the users. Even after securing the servers where the data’s are stored, threat actors find new ways to exploit them and take away their control.
Facebook and LinkedIn are two major social media platforms that have millions of users. During the first week of April, Facebook witnessed a data breach which leaked around 530 million user data and published it in an unsecure database.
Similarly, LinkedIn was also under the trap of cyber hackers. Around 500 million data were lost from LinkedIn servers.
In both these cases, the hackers posted the data publically so that anyone could access them.
The Facebook developers explain that the leaked data was gained from user’s profile by the hackers using ‘contact importer’. The developers added this feature to Facebook so that people can connect with friends who are in their contact list. This feature was brought about in the year 2019. Once they understood that the threat actors are misusing them, the developers made variations in the contact importer feature.
Security researchers points out that Facebook hasn’t disclosed the breach completely in the past. Till now, Facebook has not completely accepted the responsibility of the data breach. They argue that it wasn’t the data present in the system which was used to exploit the vulnerability.
They also added that, this time the hackers did not get the access of the user’s data through hacking our system but they scraped it from their platform prior to the previous data breach.
Immediately after knowing about the breach, Facebook has fixed them back in 2019. But they still had vulnerability and the access of the previous data which paved way for the new exploitation. There are possibilities where the social media hackers may have mashed the data set with other publically posted records.
But now, Facebook has closed all the loopholes and ensured tight security of their user information. They individually rectified the inadequacy in the systems.
While considering the case of LinkedIn, user’s information along with publically viewable data was scraped away from the platform. The security team of LinkedIn conducted a primary level of investigation and found that the leaked data was posted publically for sale. The leaked data was a combination of different other data from different websites and companies.
As per the census, the drained data consisted of names, email addresses, phone numbers and other sensitive information of around 500 million users. LinkedIn in total has 740 million members. The hackers released around 2 million data back to LinkedIn and sold the rest.
As per the policy of LinkedIn, contact information is only made accessible to the first-degree connections, but it is a questionable fact that how the threat actors gained control of these data.
Even after strong security measures, Facebook and LinkedIn data has been compromised.
How to protect yourself from Facebook data breach?
- Think before you share all your personal information in Facebook.
- Analyse things before you share them.
- Never use Facebook to visit other websites.
- Have a unique and strong password.
- Install threat detection software.
How to protect your LinkedIn account from data breach?
- Update your privacy settings and never over share your personal details.
- Enable two-step verification.
- Choose secure browsing (HTTPs) to make you stay away from malicious and fraudulent websites.
- Provide a strong password and keep on changing them on a regular basis.
- Never open suspicious emails, links and attachments.