The telephone numbers of hundreds of millions of Facebook users were discovered online. A security researcher found 419 million records on an unsecured server, meaning no password was needed to access them. To understand more about the incident, Digital Journal spoke with Jonathan Bensen, CISO at Balbix in relation to Facebook and lessons that need to be learned in relation to other businesses.
Digital Journal: What was the extent of the Facebook data breach?
Jonathan Bensen: 419 million Facebook users’ phone numbers and unique account IDs were scraped and then left exposed in a database that lacked basic password security. Exposed records belonged to members from several countries, including 133 million records from U.S. users, 18 million from U.K. users and over 50 million from Vietnam users. Several celebrities were exposed in the incident as well, according to the researcher that discovered it.
DJ: How was the exposed server uncovered?
Bensen: The exposed database was discovered by Sanyam Jain, a security researcher from the GDIfoundation, a non-profit organization whose researchers, “detect and analyze high risk criminal opportunities, share the risk and vulnerabilities with everybody, inform the ones who are at risk and give free advice about a solution,” according to the organization’s website.
DJ: What has Facebook’s response been?
Bensen: A Facebook spokesperson said the data was scraped before the social media giant cut off access to user phone numbers in 2018, even though the data was uploaded in August 2019. Since the discovery, the data set has been taken down.
DJ: Do the issues affect other businesses?
Bensen: Data breaches due to misconfigurations have become commonplace in 2019 and have affected organizations across all industries. MoviePass, Suprema, Orvibo, Honda and Tech Data are just four companies that have reportedly had leaky servers discovered just within the past three months.
DJ: What can businesses do to prevent data breaches due to misconfigurations?
Bensen: Companies are tasked with the hefty burden of continuously monitoring all assets across hundreds of attack vectors to detect vulnerabilities. Through this process, companies are likely to detect thousands of flaws in their network – far too many to tackle all at once. Therefore, vulnerabilities such as a misconfigured database fail to be remediated in a timely manner.
Enterprises have been increasingly using AI and ML powered security platforms to enable their security teams to get an accurate idea of breach risk by analyzing up to several hundred billion time-varying signals across their network. As a result, corporate security teams and CISOs can continuously analyze the high-volume, high-velocity cybersecurity data generated within their organization’s network and gain real-time visibility into their company’s breach risk. Premier AI-powered platforms even provide prioritized steps to remediate critical issues first, driving cyber-risk reduction throughout the enterprise and enabling them to better protect their customers’ information.
DJ: Are there any actions that consumers can take to better protect themselves?
Bensen: Diversifying login credentials across accounts, enabling multi-factor authentication (MFA) and regularly changing passwords are all basic, yet effective steps consumers can take towards protecting themselves and even their employers from threat actors. Different login credentials will ensure that users keep all of their accounts safe in case the credentials for one account are compromised, MFA adds an additional layer of identity verification to prove users’ identities upon each login attempt, and regularly changing passwords can allow a user to be proactive about their account’s security in the event a breach has occurred but has not been reported or discovered yet.
