One of Australia’s biggest stadiums, the MCG, could be filled to capacity 80 times over by the number of Australians whose data was leaked in a recent Facebook privacy scandal.
Over Easter long weekend, the private information of half a billion people – including 7.3 million Australians – was shared for free on the internet. This data, which includes phone numbers, emails, full names, and physical locations, has been circulating the internet since Saturday.
Now, anyone with an internet connection and access to Google has the potential to exploit affected users. Through hacking, scamming, and marketing schemes, the availability of this information puts millions of Australians at risk.
How you can be affected?
The leak was first spotted in January by Alon Gal, Co-Founder of the Israeli cybercrime intelligence firm Hudson Rock, who discovered an automated Telegram bot was selling sensitive data in online forums.
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” Gal posted in a Twitter thread.
While avoiding these hackers sounds straightforward – don’t open any suspicious text messages and monitor for any unusual email activity – the situation is more treacherous than it seems.
To begin with, cybercriminals may use your personal information to hack into your private accounts and exploit you.
A hacker may also use ‘smishing,’ or SMS texting and phishing, where they disguise themselves as a reputable company and encourage people to share private passwords and /or credit card numbers.
These bad actors may also spread malware and unsafe links via text messages.
Some of these fakes can be extremely convincing even to those with highly-developed media literacy. It is better to take measures to protect yourself than risk being exposed by cybercriminals.
What can you do about it?
As someone who has studied the inner workings of social media over the past year, I have compiled a list of steps that can be taken to protect yourself against the data leak:
- 1. Check to see if you have been included in the data breach
- One of the first steps in protecting against leaked information is to check if you have been included in the data breach. Facebook has not made an official statement yet, meaning you must rely on a third- party website to check the status of your information. Australian web security consultant Troy Hunt has developed a website called haveibeenpwned.com that checks if your data has been leaked.
- 2. Update your details
- If you were waiting for a sign to update your passwords or download password-managing software, now is the time to do it. For some, this might mean making your passwords more complicated or using the password manager for added security.
- 3. Considering limiting information on Facebook
- A question to ask yourself: How much information does Facebook really need to know about me? The first steps towards limiting this information could look like changing the date of your birthday or deleting your relationship status.
- 4. Monitor for unusual activity
- Cybercriminals who have access to your phone number and email may use them to scam or hack you. For example, do not open any strange text messages and look out for log-in activity that you did not approve. As good practice, always do more research if you feel like you are being scammed. Some companies have a page where they outline their email/texting policies.
Is there hope?
As serious as the data breach is for millions of Australians across the country, media professionals should update their details and secure their passwords immediately.
Although we cannot put the data genie back in the bottle, we can teach people how to protect themselves online in future.
Ultimately, the rules are simple: Change your passwords, update your information, and monitor for any suspicious activity.