'No business immune' to data breaches, warns cyber security expert after Facebook leak

'No business immune' to data breaches, warns cyber security expert after Facebook leak

StickmanCyber founder and CEO Ajay Unni.

A Sydney-based cyber security expert has warned Facebook users to be on alert following revelations over the weekend that details from 500 million accounts had been found on the web.

Facebook claims the data is "old" and relates to a previously reported leak in 2019, but StickmanCyber founder and CEO Ajay Unni emphasises it is exactly the kind of rich data that can be used to target people via large email and voice phishing scams.

"Numbers do not lie. The revelation of 553 million users' data being stolen is not something to be ignored. Cybercriminals thrive on this kind of data," says Unni.

"Instead of taking responsibility and supporting the affected users with post data breach support and identify theft protection, Facebook is trying to brush this off as 'old data'.

"Sure, the data is two years old, but how many times in a two year period do you change your phone number, email, and date of birth?"

Unni is part of the 2020 NSW Government Cyber Security Task Force, a group of experts tasked with accelerating the adoption of cybersecurity across Australia. He has urged all social media platforms to become more responsible and accountable when it comes to data breaches.

"They should pay compensation to those affected, or at the very least, provide some sort of additional support moving forward," Unni says.

"Facebook already sells its customer's data to advertisers, and this latest data breach is simply a continuation of a culture that leaves users with no protection, at the mercy of Facebook's policies and security settings.

"If you are a Facebook user, take extra precautions when you receive emails, even from people you know. Cybercriminals are able to map your profile, pretend to be your Facebook friend, and send you a phishing email."

He says no business, big or small, is immune to a data breach, and larger companies especially must take more responsibility and accountability and invest in the post data breach support of customers and users.

"Take care when receiving calls from unknown people. They might even claim to be representing Facebook to help you with the recent data breach and act as they want to help you," Unni says.

"If the call is from a service provider you use, tell them you will call back their main customer service number and follow through with the call.

"Change all your passwords to more complex ones using letters, numbers, special characters, capital letters and phrases that cannot be guessed easily."

Multinational cyber security company Kaspersky has also weighed in on the issue, with its chief operating officer Alexander Moiseev explaining data protection is the most concerning IT security issue for more than half of organisations globally.

"Furthermore, last year, we found that every second organisation (46 per cent) experienced data breaches as a result of different cybersecurity incidents," Moiseev says.

"Though we may be accustomed to leaving different information about ourselves on the Internet, we still need to control what we really want to make public and what we don't.

"That's why it is important to understand how our data can be used if it appears in the wrong hands - for phishing, social engineering or account takeovers. And, if this happens, it is important to be prepared and use dedicated protection on our devices."

Kaspersky security expert Dmitry Galov says it would not be surprising if attackers are seen using information obtained from the breach in targeted phishing attacks.

"Attackers could also use the information to impersonate the person whose data was breached," Galov says.

"In order to stay safe from scammers who may be exploiting this data, take extra precaution when you receive emails that seem strange - even if they appear to come from someone you trust.

"Never click on any links or attachments inside emails and always check for strange grammar/spelling errors (a sign that the email is not from the person it claims to be)."

Never miss a news update, subscribe here. Follow us on LinkedIn, Instagram and Twitter.

Business News Australia

Enjoyed this article?

Don't miss out on the knowledge and insights to be gained from our daily news and features.

Subscribe today to unlock unlimited access to in-depth business coverage, expert analysis, and exclusive content across all devices.

Support independent journalism and stay informed with stories that matter to you.

Subscribe now and get 50% off your first year!

Four time-saving tips for automating your investment portfolio
Partner Content
In today's fast-paced investment landscape, time is a valuable commodity. Fortunately, w...
Etoro
Advertisement

Related Stories

"Ugly" lemon and lime juice cube startup Naked Rivals squeezes $3m from angel investor

"Ugly" lemon and lime juice cube startup Naked Rivals squeezes $3m from angel investor

A husband-and-wife founder team, whose lemon and lime juice cubes s...

GreenFort, Gaw Capital join forces on $800m joint venture

GreenFort, Gaw Capital join forces on $800m joint venture

Brisbane-based alternative real estate fund manager GreenFort Capit...

Riverside backs Wollongong IT powerhouse VITG as M&A opportunities beckon

Riverside backs Wollongong IT powerhouse VITG as M&A opportunities beckon

Virtual IT Group (VITG), a Wollongong-based managed service provide...

Booktopia extends share trading suspension as critical funding announcement looms

Booktopia extends share trading suspension as critical funding announcement looms

Just as so many Booktopia (ASX: BKG) customers had to wait longer t...