India’s Cyber Arm Asks Facebook Users to Enhance Account Privacy
The CERT-In is India’s nodal agency to deal with cyber security threats like hacking and phishing
India's Cyber Security arm Computer Emergency Response Team (CERT-In) has advised social media platform Facebook users to 'strengthen' their account security after a recent global data leak incident that allegedly exposed personal data of 533 million Facebook users.
"As the Facebook platform evolves and grows, parts of your account could be public. Data could also be collected and shared in ways you don't know about," said CERT-In in a public advisory issued on Monday, 19 April.
The CERT-In is India's computer emergency response team. It is the nodal agency to deal with cyber security threats like hacking and phishing
"It has been reported that globally there has been a large scale leakage of Facebook profile information. The exposed information includes email addresses, profile ID, full name, job occupation, phone numbers and birth date."
According to Facebook, the scraped information does not include financial information, health information or passwords, “however information from more than 450 million unique Facebook profiles globally, including approximately 61 lakh Indian individuals, has been made publicly available in multiple cyber criminal forums for free,”read the advisory explaining the breach.
The database, first leaked in 2019 was sold on Telegram for $20 per search, after which Facebook announced that they had addressed the leak. In January 2021, the database was leaked for the third time (after another leak on June 2020), with the vulnerability that allowed for the search of users’ contact number.
'Cyber Criminals Can Attack Using The Data': CERT-In
"Cyber criminals may scrape data from sites for a variety of purposes, including spamming, information gathering and social engineering attacks."
"They can also sell scrapped data for a profit to other cyber criminals, marketing companies or call centres," it said.
The advisory stated that Facebook has advised individuals to make sure that their privacy settings reflect what information they want to share publicly and who they want to be able to look them by phone number.
Enable Two-factor Authentication, Change Account to Private
CERT-In advises Facebook users to two-factor authentication also know as 2FA. It also asked users to adjust their settings and change it to 'private' for stronger security.
Earlier, this week CERT-In also warned WhatsApp users about vulnerabilities detected in the messaging app.
The advisory reads, "Multiple vulnerabilities have been reported in WhatsApp applications, which could allow a remote attacker to execute arbitrary code or access sensitive information on a targeted system."
(With Inputs from PTI)
(The Quint is available on Telegram. For handpicked stories every day, subscribe to us on Telegram)
Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.