The social media giant, Facebook, suffered a devastating data breach of about 533 million of its worldwide userbase. The victims of this breach are mainly concentrated in the US with 32 million users, the UK with 11 million users, and India with 6 million users. Source
The vulnerability of social media has been quite well known, but very little has been done to counteract it.
A tremendous amount of data was poured all over the internet, which included usernames, Facebook IDs, birth dates, and even sensitive data such as personal contact numbers, email addresses, and locations.
If you want to check if your data was leaked in this breach, you can use Payatu’s secure portal, which is built to provide internet users a safe method to verify the security of their Facebook Data. It is currently available only for Indian Numbers; however, we would be trying to make this available for everyone. Check out the portal’s FAQs to learn more!
High-severity vulnerabilities, like the ones exposed in this attack, must be addressed, and companies need to take up the initiative and responsibility to do so. As a user, you might need to consider weighing up your options when it comes to privacy and data security and take its control into your own hands.
So what more could the company have done? Is there something a user can do about it? Here are 5 key lessons to be learnt from the Facebook Data breach:
1.Even the biggest names in the industry are vulnerable
History keeps on repeating itself. Over the past year, social media platforms such as Twitter, TikTok, Instagram, and now Facebook have been on the receiving end of several sensitive data breaches.
If there is a vulnerability, it will be exposed. There are no exceptions, especially when it comes to enormous internet communities. Whether you are a small-time start-up or an industry veteran, hackers won’t hesitate to hit right where it hurts.
2.Your data might not be in the safest of hands
A fairly large section of internet users are unaware of how their data is being handled, especially with organizations not being completely transparent with how the user data is being used.
- Informs users about privacy procedures and policies.
- Protects the user from liability.
- Comprehensively describes the personal data being collected with an inclusion of the appropriate clause in the user agreement.
- Informs the user about the purpose of the data collection along with its use.
- It is up-to-date and complies with the Data Protection Laws.
3.People need to be more vigilant with the data they store online
Emphasizing the aforementioned point, it ultimately falls into the hands of the users of what they do with their data and where they choose to keep it.
In this case, a user can choose not to give fully authentic details or any details for that matter (wherever unnecessary) about himself/herself, especially on social media sites.
A few measures could include:
- Not providing living addresses.
- Using a slightly altered version of your real name or birthdate
- Not storing phone numbers.
However, keep in mind that these measures could make it difficult to recover your account in case you’ve forgotten your password or lost access. We suggest using a password management tool to keep tabs on such credentials. The suggested measures would work for sites such as Facebook or Instagram, however, each site has its own policy on how legitimate they want the data/ the user to be, so the applicability of these measures vary respectively.
4.Users could shift towards safer alternatives
If, in any case, a user feels that his/her privacy is at risk of being violated, they tend to shift towards alternatives that are ultimately more secure.
Take the WhatsApp snafu into consideration. At the slightest hint of mismanagement of their data, a considerable portion of its users jumped ship and sailed along with Signal, the arguably much safer alternative which also uses end-to-end encryption to safeguard users’ privacy and doesn’t desire to share, analyze, profit from user data, contrary to what WhatsApp does.
This Facebook breach also uncovered quite an amusing detail that even its own founder and CEO, Mark Zuckerberg, whose company also took over the ownership of WhatsApp back in 2014, also has an account on Signal. This was reportedly uncovered as he owns one of the leaked phone numbers.
Other social media sites should ideally look up to LinkedIn and provide its end-users with granular control and maintain transparency about how their data is being handled.
5.Companies need to do more to protect user interests
Data security seems to be flying under the radar for most social media platforms as they gear up to focus more on ways to enhance customer experience and increase revenue.
This poses a massive problem in the long term as in the event of a privacy breach, there’s not only a breach of sensitive data but also of the users’ trust.
So it is only logical to also invest more into making the user experience more efficient and safer to increase the chances of retaining that user.
You can do so by investing in cybersecurity the right way. Check out my other blog, where I talked about how you can get the utmost value out of your cybersecurity investment.
Payatu, with its decade-long track record, has thrived when it comes to providing its customers with high-quality, research-focused assessments. If you’re looking to make your customers’ experience safer, you avail any of our wide range of cybersecurity assessments. Click the button down below to get started on your organization’s journey with Payatu.