10 Oct Facebook Breach: Over 50 Million Affected
For the second time this year, 50 million Facebook users have been affected by a data breach. The first breach involved Cambridge Analytica earlier this year and the sale of user data. The most recent breach occurred at the end of September when hackers took advantage of a feature to access tokens and take over accounts. In light of national cyber security month, we’d like to share more about this hack and provide your business with cyber security recommendations.
About the Breach
Facebook allowed users to access the “view as” feature which changed profile views based on the selection. This feature granted hackers access to user access tokens, which are “needed any time the app calls an API to read, modify or write a specific person’s Facebook data on their behalf”, according to Facebook. With this data, hackers were able to take over accounts, including third-party accounts that used Facebook tokens for log in.
What Facebook is Doing
In order to protect user data, Facebook is working on fixing the vulnerability. Which is why they report breaches like these to the proper authorities. As a precaution, Facebook has reset an additional 40 million user tokens beyond the 50 million affected accounts. During the investigation, Facebook is removing the “view as” feature until it is safe to re-release it.
What Your Business Can Do
Cyber risk comes in many forms so it’s best to have cyber security protocols in place to mitigate the risk of an attack. Businesses should be cautious of employee internet activity while using the business network. In addition, staying cautious of malicious emails can prevent phishing attacks and other hacks. Caution employees to never click on links from unverified sources. In some cases, business data may release to the dark web due to accidental employee mistakes. Take advantage of our free dark web security check here to see if you business data is at risk.
It’s clear that a cyber breach can happen to any business, which is why cyber security is critical for all organizations. CPI can help your business through disaster recovery measures, 24/7 remote monitoring, strategic planning, and more. Experts advise you to work with technology specialists who are able to develop a cyber security plan right for your business. Remember, every business is different and should not be serviced with a one-size-fits-all solution.