'No business immune' to data breaches, warns cyber security expert after Facebook leak

'No business immune' to data breaches, warns cyber security expert after Facebook leak

StickmanCyber founder and CEO Ajay Unni.

A Sydney-based cyber security expert has warned Facebook users to be on alert following revelations over the weekend that details from 500 million accounts had been found on the web.

Facebook claims the data is "old" and relates to a previously reported leak in 2019, but StickmanCyber founder and CEO Ajay Unni emphasises it is exactly the kind of rich data that can be used to target people via large email and voice phishing scams.

"Numbers do not lie. The revelation of 553 million users' data being stolen is not something to be ignored. Cybercriminals thrive on this kind of data," says Unni.

"Instead of taking responsibility and supporting the affected users with post data breach support and identify theft protection, Facebook is trying to brush this off as 'old data'.

"Sure, the data is two years old, but how many times in a two year period do you change your phone number, email, and date of birth?"

Unni is part of the 2020 NSW Government Cyber Security Task Force, a group of experts tasked with accelerating the adoption of cybersecurity across Australia. He has urged all social media platforms to become more responsible and accountable when it comes to data breaches.

"They should pay compensation to those affected, or at the very least, provide some sort of additional support moving forward," Unni says.

"Facebook already sells its customer's data to advertisers, and this latest data breach is simply a continuation of a culture that leaves users with no protection, at the mercy of Facebook's policies and security settings.

"If you are a Facebook user, take extra precautions when you receive emails, even from people you know. Cybercriminals are able to map your profile, pretend to be your Facebook friend, and send you a phishing email."

He says no business, big or small, is immune to a data breach, and larger companies especially must take more responsibility and accountability and invest in the post data breach support of customers and users.

"Take care when receiving calls from unknown people. They might even claim to be representing Facebook to help you with the recent data breach and act as they want to help you," Unni says.

"If the call is from a service provider you use, tell them you will call back their main customer service number and follow through with the call.

"Change all your passwords to more complex ones using letters, numbers, special characters, capital letters and phrases that cannot be guessed easily."

Multinational cyber security company Kaspersky has also weighed in on the issue, with its chief operating officer Alexander Moiseev explaining data protection is the most concerning IT security issue for more than half of organisations globally.

"Furthermore, last year, we found that every second organisation (46 per cent) experienced data breaches as a result of different cybersecurity incidents," Moiseev says.

"Though we may be accustomed to leaving different information about ourselves on the Internet, we still need to control what we really want to make public and what we don't.

"That's why it is important to understand how our data can be used if it appears in the wrong hands - for phishing, social engineering or account takeovers. And, if this happens, it is important to be prepared and use dedicated protection on our devices."

Kaspersky security expert Dmitry Galov says it would not be surprising if attackers are seen using information obtained from the breach in targeted phishing attacks.

"Attackers could also use the information to impersonate the person whose data was breached," Galov says.

"In order to stay safe from scammers who may be exploiting this data, take extra precaution when you receive emails that seem strange - even if they appear to come from someone you trust.

"Never click on any links or attachments inside emails and always check for strange grammar/spelling errors (a sign that the email is not from the person it claims to be)."

Never miss a news update, subscribe here. Follow us on LinkedIn, Instagram and Twitter.

Business News Australia

Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support

Advertisement

Related Stories

"World's largest online workforce" Freelancer.com sees enterprises in desperate need of talent

"World's largest online workforce" Freelancer.com sees enterprises in desperate need of talent

"The defining characteristic of the 21st century will be the...

ACCC: Domestic tourism boom driving local airline market recovery

ACCC: Domestic tourism boom driving local airline market recovery

Australian airlines are on the up in recent months as a surge in ...

Diamond, Eisen and more back $15.5m seed round for Honey Insurance launch

Diamond, Eisen and more back $15.5m seed round for Honey Insurance launch

New home and contents insurer Honey Insurance has bottled $15.5 m...

Creso Pharma in merger to create global psychedelics and cannabis company

Creso Pharma in merger to create global psychedelics and cannabis company

A merger announced today between Creso Pharma (ASX: CPH) and Cana...