On Monday, the Computer Emergency Response Team issued a warning, stating that it has been confirmed that there has been a large-scale leak of Facebook profile information around the world.
After personal data of 533 million Facebook users worldwide, including details of 6.1 million users from India, was allegedly leaked online and posted for free on hacking forums, the government’s premier cyber security organisation, CERT-In, has urged Facebook users to protect their profile information on the social networking site.
On Monday, the Computer Emergency Response Team issued a warning, stating that it has been confirmed that there has been a large-scale leak of Facebook profile information around the world. Email addresses, profile IDs, full names, work titles, phone numbers, and birth dates are among the data revealed.
Financial information, health information, or passwords are not among the scraped data, according to Facebook. According to the public alert and based on the investigation of Facebook, the threat actors scraped this data prior to September 2019 by using Facebook’s “connect Importer” function, which enables users to locate other users by using their phone numbers.
Data scrapers may use “public” information of an individual to “sync and combine with data from other breaches to access even more of their personal information and accounts,” according to the report. Users can consider changing their profile settings to “online” or “friends” only. It also asked users to change their privacy settings on Facebook, such as who can find and contact them, and whether they should set them all to “friends” or anything tighter for better security.
“As the Facebook platform evolves and grows, parts of your account could be public. Data could also be collected and shared in ways you don’t know about,” CERT-In said in a public advisory issued on Monday.
The warning urged users to practise good cyber hygiene and confirmed that Facebook had instructed them to “make sure that their privacy settings reflect what information they want to share publicly and who they want to be able to look at them by phone number”.
Facebook has also advised account holders to use two-factor authentication, also known as 2FA.