Two years ago Facebook had the greatest breach according to Alon Gal, a CTO of cybersecurity Hudson Rock security firm. 533 million Facebook users had their personal information leaked. The leak was discovered in January when the Facebook technical team was correcting certain vulnerabilities; the attackers had gotten access and scrapped information of the phone numbers, and addresses of the users.
On 23rd March 2021, California State Controller’s office experienced a phishing attack, where an employee clicked on a malicious liked and logged into a fake website thus granting a hacker access to their email account. The hacker managed to view Personal Identifying Information in Unclaimed Property holder reports and send phishing emails to the hacked SCO employee’s contacts.
Fast-forward to 2021 all those stolen data are being sold to I am guessing not very good people via an automated Telegram account, this means that anyone who paid a fee could search for a user’s email address or phone number and I can guarantee you that people buying or accessing those data will certainly use that information to perform some sort of social engineering, scamming on users.
To make it even worse Mark Zuckerberg is also among 533 million Facebook users who had their personal information leaked online
To make this even easier or worse depending on how you look at it Saturday the malicious actor’s decided to leak the entire database, in full, for free.
Maybe You’re Thinking That You are Safe…..
I urge you to always take any notification of a data breach seriously because you can never be safe and despite what you think It’s impossible to fully guard data against breaches there is always going to be that RISK; this is because the hackers keep on trying new ways of identifying vulnerabilities. It is thus important that the technical security experts have quick responses.
So I urge you today, even if you think you are not concerned about this change your passwords and implementation of two-factor authentication which can help in limiting malicious actors from easily accessing your accounts.