[News] Massive Facebook data breach

VIA NAMECHEAP

[News] Massive Facebook data breach

In what seems like ‘what else is new’ news, this week we experienced yet another major breach of consumer data. This time personal data from over 533 million Facebook users was posted online in a hacking forum.

Business Insider reports that the exposed data comes from users in 106 countries, including more than 32 million people in the US as well as 11 million people in the UK. And included in the leaked data are Facebook IDs, full names, phone numbers, physical locations, birthdates, biographical information, and email addresses.

Where the data came from isn’t immediately clear. Facebook claims the breach was in 2019 and they had discovered and fixed the vulnerability in their code since that time. According to a statement from Graham Doyle, deputy commissioner for the Irish Data Protection Commission, “much of the data appears to have been data scraped some time ago from Facebook public profiles,” but may also include other data from a later point in time.

Either way, this represents a huge data security headache for millions of people all over the world, whose data is in the hands of cybercriminals. The data could be used in hacking attempts against Facebook or other online accounts, identity theft, spam, or other criminal pursuits. Indeed, back in January 2021 Vice/Motherboard reported that a bot was already making the data set accessible and searchable.

In a detailed response to this latest breach, Electronic Frontier Foundation (EFF) noted, “the problem isn’t that a Facebook programmer made a mistake: the problem is that this mistake was so consequential.” In this response, EFF calls for new, enforceable privacy laws to which all companies would have to answer.

As a consumer who may have been affected by this breach, what can you do? We recommend that you change your Facebook password, as well as the passwords to any emails you use to connect to Facebook. We also suggest you check to see if your phone number or email address was exposed by using the tool at Have I Been Pwned, which has been updated to include data from the Facebook breach. 

In other news

  • Beware of LinkedIn DMs bearing malware. According to cybersecurity firm eSentire, a hacking group is attempting to trick unsuspecting job hunters into clicking on malicious links in their DMs that download malware known as ‘more_eggs’ onto their computers. The gimmick works this way: someone messages a person on LinkedIn with what looks like a similar job opening (with the user’s current job title plus “position” at the end). Inside that message is a file that installs the malware on machines running Windows. From there, the hackers can install additional files that allow them to gain access to the user’s computer. 

    To protect yourself against this latest threat, we recommend that you don’t click on any links sent to you in private messages (on LinkedIn or any other platform) that come from individuals you do not know.

  • Wix attempts to cast shade on WordPress. Last weekend, Wix attempted to woo well-known WordPress advocates by sending them Bose noise-canceling headphones, while claiming they were ‘from WP.’ According to WordPress Tavern, the packages included a QR code that directed recipients to view a video from a guy identified as ‘WordPress’. Then a new series of tweets from Wix popped up, trash-talking WordPress on things such as regular updates and memory issues.

    Long-time WordPress contributor Aaron Campbell was one of the recipients of the headphones, and told WPTavern, “The video takes some odd snipes at WordPress, but the whole overall feel is a bit shady/dirty. Not a great look for Wix in my opinion.”

    WordPress founder Matt Mullenweg also weighed in on the campaign, posting on his blog that Wix has decided to “tastelessly personify the WordPress community as an absent, drunken father in a therapy session.” He added, “I hope people consider the behavior of companies in the world they support with their dollars.”

  • Apple’s no-tracking app dents PPC Campaigns. Apple’s new iOS 14 update is about to change the way users are tracked. The new update requires apps on mobiles to show an Apple Tracking Transparency (ATT) approval prompt so that users can opt-out of data tracking used to deliver advertising. This is a great effort to address online privacy concerns. However, because this is the main way advertising pay-per-click campaigns target and retarget their niche audiences, especially those specific to Facebook, it may disproportionately impact small businesses that rely on PPC campaigns for their marketing efforts.
  • Ingenuity has left the nest. The remote helicopter formerly attached to the Mars Perseverance rover survived its decoupling from the rover and a 4-inch (10-centimeter) freefall, as well as its first few nights of extreme cold nighttime temperatures. It’s even taken its first photo of its new home! If everything continues to go as planned, next week the helicopter will stretch its wings and take its first flight, sharing photos of its new home with all of us back on Earth. If you want to know more, NASA has released a schedule of events so you can follow along.

Tip of the week

Did you know that email is 50 years old? Most people only got their first email address within the last 25 years, but the technology has been around for a lot longer than that!

Check out our recent article about the history of email and then take your business to the next level when you sign up for one of our Professional Business Email plans.

[News] Massive Facebook data breach .