Some 213,000 Bruneian Facebook users might be exposed to data leakage, following news reports of the exposure of personal data of over 500 million Facebook users in a low-level hacking forum, according to Brunei’s cybersecurity agency BruCERT yesterday.
In a statement posted on their social media platforms, BruCERT said the worldwide leak includes personal information such as phone numbers, location, email address, birthdates and biographical information, which is widely accessible to anyone.
BruCERT warned that the data could be used by hackers to impersonate people and commit fray and may lead to bad actors taking advantage of the data to perform social engineering attacks, phishing attacks, or hacking attempts.
The agency’s researchers have the data of Bruneian Facebook users that might have been compromised in the leak.
It may also lead to instances of online stalking, the agency added.
In mitigating the impact, BruCERT recommends these steps: reset the password for your Facebook account and use a minimum 10 characters and a combination of letters, numbers, and special characters; use a different password for each of the accounts; use two-step verification for social media, email, and other important accounts; change your password every three to six months; limit sharing of personal information on social media (full name, birthdate, address, phone number), be very cautious about clicking on links, take time to browse Facebook privacy settings and control, past posts and future posts; make sure phone number and email address are hidden from public view, familiarise with the privacy policies of the social media channels used, protect the computer with antivirus software and set it to update automatically, ensure that the browser, operating system, and software are kept up to date; and log off when done.
News agency AFP said that data affecting more than 500 million Facebook users that was originally leaked in 2019, including email addresses and phone numbers, has been posted on an online hackers forum, according to media reports and a cybercrime expert.
AFP cited a Facebook spokesperson who said the reports were old news. “This is old data that was previously reported on in 2019,” the spokesperson said. “We found and fixed this issue in August 2019.”
Some of the data appeared to be current, according to a report in Business Insider which AFP was unable to confirm independently. It said some of the leaked phone numbers still belong to the owners of Facebook accounts.