If there’s one thing that people know about, It is FACE BOOK. In this app-driven world, people are connecting their devices to the internet and are addicted to social media like Facebook and Instagram that they couldn’t imagine their lives without these networking apps . Every 7 year old kid has an online account in at least one of these platforms. They make reels ,scroll through instagram just to pass the time instead of engaging with people around. They post a meme on movies, actors in FB & instagram, spending some much time in editing them rather than putting that time efforts into studying something useful. Where there is good, there is an equal amount of bad too.
So what is good about these platforms?
Social media platforms like these made people to connect to each other across the globe instantly. People can transact their money easily with apps like whats app, google pay, phone pe, pay pal etc. some people try to spread the awareness about the current issues via social media. People happily login to these platforms with their personal email id’s or work email id’s. Drop everything that you are doing right now and think what are you getting into. You are sharing your sensitive information online and to some stranger out there. You are letting them record all of your data. These platforms are built on our data. We feed these zombies.
Around the globe, there is a data breach happening every 39 secs and hackers are posting all of your information, your emails, your passwords, your bank ac details everything on the dark web. Doesn’t this concern you? Recently 533 millions of user’s data of face book is hacked. Isn’t this number disturbing? What if you are in the list of hacked users ? What if hackers gained access to you bank accounts? Your money isn’t safe online. YOU ARE NOT SAFE ONLINE.
LIST OF DATA BREACHES OF FACEBOOK:
These are the list of all the breaches suffered by facebook. The very first breach was in 2013 where 6 millions of user’s data was leaked and the very recent one took place in this pandemic where 533 millions of user’s data was exposed .
Facebook’s 2013 breach is not really a breach . It is Ted Cruz’s president campaign against Donald Trumph where they used millions of data of potential voters to build a “psychographic profiles” without informing the user about how they were going to use their data. Federal election commission shows that Cruz’s campaign paid Cambridge Analytica about $750,000 to build these psychographic profiles of users to boost his election campaign. All this began as a part of research by a data scientist Kogan to model human personality traits.
Technicality behind this:
Kogan used seeding method to harvest millions of data of user’s and their friends and family. He collected the data through surveys where users were asked to log in to their facebook account and eventually they downloaded user’s information. He not only harvested a particular user’s data, but also their friend’s and family’s data too and built an empire of data set.
Nearly 50 million user’s data was compromised in 2018 breach. The vulnerability was live between july 2017 and September 2018 but nobody detected it. On sep 14th but it was detected on sep 25th and within two days facebook fixed the vulnerability. Company also created a website for users to check if their account was hacked. Hackers stole the “access tokens” which are the security keys to keep users logged into their account in multiple browsers. With these access tokens hackers would be able to get the data from third party applications which requires facebook login.
What did FB do then?
Mark said that along with 50 million hacked accounts,additional 40m users who used “view as” tool, had to log out from their accounts which would reset the access tokens as a step for prevention. Facebook also turned off “view as” tool to reset access tokens.
Breaches kept haunting facebook since 2013 when it saw hundreds of millions of users using its platform to share and connect with people. 419 million phone numbers were exposed in 2019 . Even mark’s private information was leaked in this breach. This information was stored in an online database server which was unprotected till 2019. Facebook says that this database was old and contained information before they had made changes to remove the ability to view other’s profile using their mobile numbers.
Another year another breach . it was nearly 533million of user’s data. Can this year of pandemic and struggles can get any worse? This data includes our names, email id’s, gender, occupation, marital status and phone numbers and was uploaded on dark web. In 2019, the same data was exposed and sold it on telegram for $20 per search. This time the data is available online for free to everyone.
How did hackers do it?
Hackers found a vulnerability to access user’s sensitive information like phone munber, address, email ID. Hackers used DATA SCRAPING method. Data scarping allows hackers to gain the information that is imported from any website onto the local file in the computers. With phone numbers attacker can reset the password to their bank accounts or any online accounts. Millions of data were at a risk of spam calls, SIM-swapping attack. Twitter CEO, Jack Dorsey was a victim of sim-swapping whose twitter account was hijacked by gaining access to his phone number.
Steps taken by FB to prevent future threats:
1.Facebook restricted developers in data access.
2.If someone hasn’t used an app within the last three months, Facebook turns off the app’s access to their information.
3.Facebook conducted a full audit of any app with suspicious activity and banned if any developer from the platform that does not agree to a thorough audit.
4.It has been recognizing and rewarding security researchers who help the platform to keep people safe by reporting vulnerabilities in the services under its Bug bounty program.
Steps that should be taken by us:
Facebook isn’t known for our security and privacy. This doesn’t mean it should let hackers do their job. Rather than relying completely on facebook to protect our data, some things can be done from our side to protect our information on facebook like:
- Changing password for atleast every three months.
- Securing our facebook account with strong passwords.
- Enabling two factor authentication not via sms service but can be done using any authenticator app like authy.
- Go to security settings and choose receive alerts about the unauthorized access.
- Think about what we share online.
- Do not use facebook login credentials for another apps or websites.
- Do not accept friend requests of unknown. Connect only with the people you know.
- If found any suspicious activity or a suspicious link, or account, do report it.
- Deleting app on our smartphones. This would avoid tracking.
If you ask me, I would suggest you to delete your facebook account but It is not as simple as that. After all facebook and other platforms helped us to connect with our family and friends from home and survive this pandemic. So following the above mentioned tips will at least put our account at lower risk from future data breach. STAY SAFE ONLINE