'No business immune' to data breaches, warns cyber security expert after Facebook leak

'No business immune' to data breaches, warns cyber security expert after Facebook leak

StickmanCyber founder and CEO Ajay Unni.

A Sydney-based cyber security expert has warned Facebook users to be on alert following revelations over the weekend that details from 500 million accounts had been found on the web.

Facebook claims the data is "old" and relates to a previously reported leak in 2019, but StickmanCyber founder and CEO Ajay Unni emphasises it is exactly the kind of rich data that can be used to target people via large email and voice phishing scams.

"Numbers do not lie. The revelation of 553 million users' data being stolen is not something to be ignored. Cybercriminals thrive on this kind of data," says Unni.

"Instead of taking responsibility and supporting the affected users with post data breach support and identify theft protection, Facebook is trying to brush this off as 'old data'.

"Sure, the data is two years old, but how many times in a two year period do you change your phone number, email, and date of birth?"

Unni is part of the 2020 NSW Government Cyber Security Task Force, a group of experts tasked with accelerating the adoption of cybersecurity across Australia. He has urged all social media platforms to become more responsible and accountable when it comes to data breaches.

"They should pay compensation to those affected, or at the very least, provide some sort of additional support moving forward," Unni says.

"Facebook already sells its customer's data to advertisers, and this latest data breach is simply a continuation of a culture that leaves users with no protection, at the mercy of Facebook's policies and security settings.

"If you are a Facebook user, take extra precautions when you receive emails, even from people you know. Cybercriminals are able to map your profile, pretend to be your Facebook friend, and send you a phishing email."

He says no business, big or small, is immune to a data breach, and larger companies especially must take more responsibility and accountability and invest in the post data breach support of customers and users.

"Take care when receiving calls from unknown people. They might even claim to be representing Facebook to help you with the recent data breach and act as they want to help you," Unni says.

"If the call is from a service provider you use, tell them you will call back their main customer service number and follow through with the call.

"Change all your passwords to more complex ones using letters, numbers, special characters, capital letters and phrases that cannot be guessed easily."

Multinational cyber security company Kaspersky has also weighed in on the issue, with its chief operating officer Alexander Moiseev explaining data protection is the most concerning IT security issue for more than half of organisations globally.

"Furthermore, last year, we found that every second organisation (46 per cent) experienced data breaches as a result of different cybersecurity incidents," Moiseev says.

"Though we may be accustomed to leaving different information about ourselves on the Internet, we still need to control what we really want to make public and what we don't.

"That's why it is important to understand how our data can be used if it appears in the wrong hands - for phishing, social engineering or account takeovers. And, if this happens, it is important to be prepared and use dedicated protection on our devices."

Kaspersky security expert Dmitry Galov says it would not be surprising if attackers are seen using information obtained from the breach in targeted phishing attacks.

"Attackers could also use the information to impersonate the person whose data was breached," Galov says.

"In order to stay safe from scammers who may be exploiting this data, take extra precaution when you receive emails that seem strange - even if they appear to come from someone you trust.

"Never click on any links or attachments inside emails and always check for strange grammar/spelling errors (a sign that the email is not from the person it claims to be)."

Never miss a news update, subscribe here. Follow us on LinkedIn, Instagram and Twitter.

Business News Australia

Get our daily business news

Sign up to our free email news updates.

 
Unpacking equity: Finding your funding fit
Partner Content
Armed with a growing business and a great opportunity, a business owner’s next challe...
Australian Business Growth Fund
Advertisement

Related Stories

Car pricing platform AutoGrab accelerates global ambitions through JATO partnership

Car pricing platform AutoGrab accelerates global ambitions through JATO partnership

After rapidly growing its business in Australia over the past four ...

Genesis Capital lifts Pacific Smiles takeover bid to $279 million

Genesis Capital lifts Pacific Smiles takeover bid to $279 million

Pacific Smiles (ASX: PSQ) suitor Genesis Capital has brus...

Marmalade raises $16m as invoice payment startup aims to process $1b in 2024

Marmalade raises $16m as invoice payment startup aims to process $1b in 2024

Melbourne-based invoice payment platform Marmalade has raised $16 m...

Hola Health greets a new chapter in telehealth with $4.5m pre-Series A raise

Hola Health greets a new chapter in telehealth with $4.5m pre-Series A raise

Perth-based telehealth and medicine delivery company Hola Health ha...