Connect with us

Publications

Understanding The Facebook Data Leak: 533,000,000 Facebook Records Were Leaked

Avatar

Published

on

Zen Chan Hacker Noon profile picture

@z3nch4nZen Chan

Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running.

Understanding the Value of Privacy Via the Facebook Data Leak

“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”
Benjamin Franklin

If a researcher conducted a survey asking people how important personal privacy is to them, the vast majority of respondents would reply “very important,” even though those same respondents would probably engage with social media platforms such as Facebook, Instagram, or Twitter within minutes of answering the survey.

This is the problem with the word “privacy” — a very subjective concept among us as different people look into the same problem from a different angle. Digital privacy presents a new angle. These days, we are forced to weigh either privacy or convenience and usefulness.

Social media platforms exacerbated the problem by lowering our guards on giving up part of our identity globally. Some individuals have no concern about the general public knowing intimate aspects of their lives, posting every vacation, meal, and life event to an overabundance of social media followers.

These people value digital engagement and social interaction much more precious than they value the privacy of their personal information, and for this, they are at risk of irreversible damage.

I did not pay too much attention to the leak until I saw the Facebook spokesperson’s tweet. She told Business Insider that the data was scrapped due to a vulnerability that the company patched in 2019. That means the problem is fixed, in her perspective.

https://twitter.com/liz_shepherd/status/1378398417450377222

I do not know much about Liz, so I would not comment on her tweet, but if she thinks a data leak is a matter that can be fixed afterward, like filling the hole on the ground, then she is missing the largest piece of the puzzle.

The Origin of the Leak

A user of a low-level hacking forum posted the records of hundreds of millions of Facebook users for free online on 3rd April 2021. This is no surprise for many of us; still, it is concerning, and some of the insight may worth mentioning not just to my friend but everyone who cherishes privacy.

According to Business Insider, the data exposed involves over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million users in India. More alarming is that the records hold the following information:

  • phone numbers
  • Facebook IDs
  • full names
  • locations
  • birthdates
  • bios
  • email addresses

According to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data in January when a user in the same hacking forum advertised an automated Telegram bot that could give phone numbers to users in exchange for money.

The Telegram bot lets users enter either a phone number to obtain their Facebook ID or visa versa. The bot’s initial results are redacted, but users can buy credits to reveal the full phone number.

Facebook said the data contained Facebook IDs created before Facebook’s fix of the contact vulnerability. Facebook also tested the bot itself against newer data and that the bot did not return any results.

Three Instant Actions to Limit Your Loss

If you are having a hard time finding the database online and check if you are on the list, it is a waste of time. The first thing you want to do is to assume your data is exposed. What is exposed is not recoverable on your side, as you never know who gained access to your data.

1# Check if You Are Over-Exposed

I often use the term “digital social distancing” to illustrate the concept of Least Privilege. Like what you are doing physically when going to the public, try keeping a distance between you and other people is the best way to avoid infection.

After you know that what is leaked, you may want to limit the exposure of yourself online from now on, check on all your social media platforms and instant message applications for personal information published.

If you think it is what you want people to know, then leave it as it be. But if you are scared something like what Facebook did this time would happen again (and it would probably will), try giving up your information on a “Need-To-Know” basis.

2# A Strong Password

Personal data could be used as something to identify who you are. If it was in the wrong hands, they could disguise you and claim what you have on your behalf without knowing it.

Protecting your identity would require stronger authentication. I strongly recommend adding a layer of security by enabling Two-Factor Authentication for your accounts.

If you think that would be too difficult to start, start with changing your password. I wrote about this earlier this year and hoped you would find it useful in the wake of this kind of hacks.

Firefox offers free services to safeguard users’ privacy. FOr example, we can use Firefox Monitor to keep tracking if our email accounts are exposed to breaches. (If that is the case, you may consider using another email to avoid spam or targeted email attacks.)

But the most recent innovative solution to prevent email exposure in the first place is interesting. It is called Firefox Relay.

Firefox Relay makes it easy to create aliases, randomly generated email addresses that forward to your real inbox. Use it to protect your online accounts — and your identity — from hackers.

In short, it is an easy-to-use tool to give a random email address to sign-up online. Firefox Relay would act as a middle man to pass along the messages from the random email accounts to your true email address. By that, if the sign-up website is hacked or it was originally a phishing website, your email is safe, at least.

The Three “What” During Data Sharing

When deciding on sharing personal information, there are three “What” you should consider:

1# What Personal Information Is the Company Asking For?

Some websites may only ask for basic information such as a zipcode or an email address. Still, others may ask for a phone number, home address, or personal ID number. As mentioned, if this information was stolen, you lose it forever.

2# What the Company Does With the Personal Data It Collects?

What kind of personal data is being recorded, stored, and especially shared with third parties. Many organizations frequently send customers’ data to third parties or use it to conduct targeted marketing and advertising campaigns. Take a look at the user agreement of Facebook as a reminder.

3# What is the Level of Comfort in Sharing Your Data?

There is always a risk that organizations could become victims of cyberattacks. To determine how risky associating with certain circumstances can be, please make sure to:

  1. Read the organization’s terms and conditions and privacy policy statements. Look for the section that can answer the two “What” above. No need to read it thoroughly, but do not click “agree” immediately.
  2. Learn about your privacy rights as defined by GDPR, CCPA, and other data/ privacy regulations. Knowing your rights does not immediately make your data safer but could tell you when and how to find the organization accountable after an incident.

Final Words — The Value of Privacy

Different from our physical world, we may not be aware that data is being stolen. When digital data is “stolen,” in fact, the data is still there. All “0” and “1” can duplicate infinitely without an error. Putting this into our personal data, hackers could use the perfect copies for impersonations or phishing.

A phishing message possibly related to the Facebook leaks | Copyright by the author

One example is the message I got yesterday from a friend saying that he send me the SMS by error. But the truth is his phone number was exposed and hijacked to use as a pawn for further hacks. If I replied the SMS code to the spammer, then he/ she could gain access to my WhatsApp and send messages to my contacts.

Personal data, in a sense, is part of who you are. Although the exposed data is from 2019, it is definitely a great risk to most of us. Unlike a password, which could be changed if it was stolen, you would not change your full name if you find your data is exposed (right?).

If your biometric data, such as registered fingerprint, was stolen, then you cannot use it as your identity anymore. Why is that? Because you cannot use it to prove it is truly you if someone else also has the same attributes. That is also the reason why biometric data are mostly stored locally to prevent massive leaking.

As a result, once the personal information is exposed, you lose them forever. There is no way to take it back, and the best you can do is to use another finger for authentication and revoke the enrollment for the previous one. Keep this in mind, so you really understand the value of privacy is unique.

People think only criminals need to hide. Sadly, they do not know Privacy is our right. We do nothing wrong when we go to the bathroom or have sex. Still, we keep it private. We keep our private journals, sing in the shower, and keep secrets to ourselves as we know that privacy is a basic human need.

So hey Facebook, rather than saying you fixed the problem for us already, with the power and scale of Facebook, why don’t you take a more proactive step to help users to know what is lost and what needs to be changed?

Lastly, for those who want to check if you are exposed. Try it out at HIBP and Firefox Monitor:

Thank you for reading. May InfoSec be with you🖖.

Also published at https://medium.com/technology-hits/all-533-000-000-facebook-records-were-just-leaked-for-free-so-what-43a15f5ffcfb

Zen Chan Hacker Noon profile picture
by Zen Chan @z3nch4n. Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running.Read my stories

Tags

Join Hacker Noon

Create your free account to unlock your custom reading experience.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://hackernoon.com/understanding-the-facebook-data-leak-533000000-facebook-records-were-leaked-544d35l2?source=rss

Business Insider

George Soros Buys Millions’ Worth of Stocks Linked to Bill Hwang’s Archegos Collapse: Bloomberg

Avatar

Published

on

George Soros reportedly snapped up stocks that took a hit amid the collapse of Archegos Capital Management in March.

What Happened: Billionaire George Soros’ investment firm Soros Fund Management bought shares of CBS Corporation (NASDAQ:VIAC), DISCOVERY COMMUNICATIONS INC (NASDAQ:DISCA) and Baidu Inc (NASDAQ:BIDU) as these stocks were at a discount after Bill Hwang’s Archegos Capital Management collapsed, Bloomberg reports. 

Soros bought $194 million in ViacomCBS shares and $77 million in Baidu shares, the report said. The firm also bought $46 million worth of Vipshop Holdings Ltd (NYSE:VIPS) shares and $34 million of Tencent Music Entertainment Group’s (NYSE:TME) shares.

A person familiar with the fund’s trading told Bloomberg that the company didn’t hold the shares before Archegos’ implosion. 

Why It Matters: Hwang ran a family office that imploded in March and caused massive losses at a few big banks when Archegos couldn’t meet margin calls. Archegos had more than $20 billion of capital and total bets exceeding $100 billion.

Hwang was very successful with his family office until he began to overutilize leverage, or borrowed money, to chase higher returns in the market. The problem with this strategy comes when investments start to lose money, and the banks lending the investor money begin to get nervous and initiate margin calls.

Subsequently, shares of Archegos investments ViacomCBS, Discovery and others temporarily crashed during the Archegos unwinding.

Global banks lost nearly $10 billion from the Archegos fallout. Credit Suisse Group AG (NYSE:CS), Nomura Holdings Inc (TYO:8604) and Morgan Stanley (NYSE:MS) were among the hardest hit.

Image Credit: CC BY 2.5, Wikimedia Commons

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://markets.businessinsider.com/news/etf/george-soros-buys-millions-worth-of-stocks-linked-to-bill-hwang-s-archegos-collapse-bloomberg-1030433240

Continue Reading

Techcrunch

How one founder’s startup journey began with dropping out of school to work with Drake

Avatar

Published

on

This week’s episode of Found features Courtne Smith, founder of NewNew, a social app where people pay to vote on your decisions. The platform takes the concept of social polling to the next level, essentially allowing everyone to monetize their choices by turning them into a kind of social stock market where others can purchase shares to accumulate more or less decision power based on what they’re willing to spend.

Courtne’s path to NewNew was immediately preceded by the creation of Surprize, a social trivia and prize-giving app that leveraged crowdsourcing to pick and award its prizes. But long before that, the Toronto native made a bold decision — encouraged by, of all people, her pastor father — to drop out of school and go work for Drake the very outset of his career as his personal assistant.

We talked to Courtne about making that risky deviation from a relatively traditional and safe path, and about how she eventually moved on from many years of working with Drake during his rise to global success: Another counterintuitive decision to go from something that was already working out well, to pursue something unknown. Courtne tells us about her overall entrepreneurial drive, which has always stemmed from a desire to create something game-changing, and about how when it came time to attract investors for her ventures, she opted not to leverage her deep-pocketed connections and instead sought capital on the merits of her ideas alone.

We had a great time chatting with Courtne, and we hope you have just as much fun listening. And of course, we’d love if you can subscribe to Found in Apple Podcasts, on Spotify, on Google Podcasts or in your podcast app of choice. Please leave us a review and let us know what you think, or send us direct feedback either on Twitter or via email. And please join us again next week for our next featured founder.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://techcrunch.com/2021/05/16/how-one-founders-startup-journey-began-with-dropping-out-of-school-to-work-with-drake/

Continue Reading

AI

CBDCs Are Not That Stable And May Eventually Kill Bitcoin, Says Financial Expert

Avatar

Published

on

In early Sunday trading, BTC prices had fallen to their lowest levels for over 11 weeks, hitting $46,700 before a minor recovery.

The last time Bitcoin dropped to these levels was at the end of February during the second major correction of this ongoing rally. A rebound off that bottom sent prices above $60K for the first time in the two weeks that followed.

Later today, Bitcoin is going to close another weekly candle. In case the candle closes at those levels, this will become the worst weekly close since February 22nd, when BTC ended the week at $45,240, according to Bitstamp. Two weeks ago the weekly candle closed at $49,200, which the current lowest week close since February.

Second ‘Lower Low’ For Bitcoin

This time around, things feel slightly different and the bearish sentiment is returning to crypto-asset markets. Since its all-time high of $65K on April 14, Bitcoin has made a lower high and has now formed a second lower low on the daily chart, which is indicative of a larger downtrend developing.

Analyst ‘CryptoFibonacci’ has been eyeing the weekly chart which also suggests the bulls could be running out of steam.


ADVERTISEMENT

The move appears to have been driven by Elon Musk again with a tweet about Bitcoin’s energy consumption on May 13. Bitcoin’s fear and greed index has dropped to 20 – ‘extreme fear’ – its lowest level since the March 2020 market crash. At the time of press, BTC was trading at just under $48,000, down 4% over the past 24 hours.

Market Cap Shrinks by $150B

As usual, the move has initiated a selloff for the majority of other cryptocurrencies resulting in around $150 billion exiting the markets over the past day or so.

The total market cap has declined to $2.3 trillion after an all-time high of $2.5 trillion on May 12. Things are still high on the long term view but losses could accelerate rapidly if the bearish sentiment increases.

Not all crypto assets are correcting this weekend, and some have been building on recent gains to push even higher – although they are few in number.

Those weekend warriors include Cardano which has added 4.8% on the day to trade at $2.27 according to Coingecko. ADA hit an all-time high on Saturday, May 15 reaching $2.36, a gain of 54% over the past 30 days.

Ripple’s XRP is also seeing a resurgence with a 13% pump on the day to flip Cardano for the fourth spot. XRP is currently trading at $1.58 with a market cap of $73 billion. The only other two cryptocurrencies in the green at the time of writing are Stellar and Solana, gaining 3.7% and 12% respectively.

SPECIAL OFFER (Sponsored)

Binance Futures 50 USDT FREE Voucher: Use this link to register & get 10% off fees and 50 USDT when trading 500 USDT (limited offer).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to get 50% free bonus on any deposit up to 1 BTC.

You Might Also Like:

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://coingenius.news/cbdcs-are-not-that-stable-and-may-eventually-kill-bitcoin-says-financial-expert-55/?utm_source=rss&utm_medium=rss&utm_campaign=cbdcs-are-not-that-stable-and-may-eventually-kill-bitcoin-says-financial-expert-55

Continue Reading

Business Insider

VIVO Clinic Unveils New Travel Information Portal

Avatar

Published

on

Leading PCR test provider VIVO Clinic has launched a travel information portal to assist with international trips to and from the UK.

BIRMINGHAM, England, May 16, 2021 /PRNewswire/ — During the pandemic, travel has been severely restricted. Now that the Government has launched a traffic light system designation for every country, UK residents are once again beginning to book holidays for the future.

The travel information portal is a comprehensive resource that provides relevant travel information in one place.

Travellers can browse countries based on the current traffic light designation and live popularity.

When viewing specific countries, travellers can see:

  • Which tests are required before, during, and after their trip
  • Current restrictions in that country
  • Weather, currency conversion, and time difference
  • Up to date Covid-19 statistics for that location
  • Flight and hotel availability

Commenting on the new system, Will Andrews, CTO at VIVO Clinic says: “International travel is set to bounce back in a big way, but understanding current restrictions and requirements can be confusing, and planning a trip can involve a time-consuming slog through many resources.”

The system automatically aggregates hundreds of data sources to provide information for 330 countries.

“We are incredibly proud of our travel information portal and hope that it will simplify international travel so customers can book trips confidently and safely.”

COVID-19 Advice for Travelling from the UK

press@vivoteam.co.uk
0333 305 8486

Related Images

covid-19-travel-portal.jpg
Covid-19 Travel Portal
Travel information portal on iPad

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://markets.businessinsider.com/news/stocks/vivo-clinic-unveils-new-travel-information-portal-1030433230

Continue Reading
AI5 days ago

Build a cognitive search and a health knowledge graph using AWS AI services

Esports4 days ago

‘Destroy Sandcastles’ in Fortnite Locations Explained

Blockchain4 days ago

Shiba Inu: Know How to Buy the New Dogecoin Rival

Blockchain5 days ago

Meme Coins Craze Attracting Money Behind Fall of Bitcoin

Esports5 days ago

Valve launches Supporters Clubs, allows fans to directly support Dota Pro Circuit teams

Blockchain5 days ago

Sentiment Flippening: Why This Bitcoin Expert Doesn’t Own Ethereum

Blockchain4 days ago

Texas House Passes Bill that Recognizes Crypto Under Commercial Law

Aviation4 days ago

American Airlines Continues To Build Up Its Core Hub Strategy

Aviation5 days ago

Reuters: American Airlines adds stops to two flights after pipeline outage

ACN Newswire5 days ago

Duet Protocol closes first-round funding at US$3 million

Cyber Security5 days ago

Pending Data Protection and Security Laws At-A-Glance: APAC

AI5 days ago

Onestream: Data analysis, AI tools usage increased in 2021

Blockchain5 days ago

QAN Raises $2.1 Million in Venture Capital to Build DeFi Ecosystem

Business Insider5 days ago

Rally Expected To Stall For China Stock Market

Blockchain4 days ago

NSAV ANNOUNCES LAUNCH OF VIRTUABROKER’S PROPRIETARY CRYPTOCURRENCY PRICE SEARCH FEATURE

Blockchain4 days ago

Facebook’s Diem Enters Crypto Space With Diem USD Stablecoin

Esports3 days ago

Video: s1mple – MVP of DreamHack Masters Spring 2021

Business Insider4 days ago

HDI Announces Voting Results for Annual General and Special Meeting

AR/VR1 day ago

Next Dimension Podcast – Pico Neo 3, PSVR 2, HTC Vive Pro 2 & Vive Focus 3!

Esports4 days ago

TiMi Studios partners with Xbox Game Studios to bring a “new game sensory experience” to players

Trending