Nearly 29 million users were affected in a Facebook data breach last year, and over 111,000 of those users were Australian citizens. Data obtained in the breach included the user’s geolocation, search history, email addresses, and phone numbers. Almost 48,000 simply had their name, email, and phone number accessed. This left around 63,000 of the users more exposed because data such as geolocation, hometown, most recent check-ins, birthday, education, work history, Facebook search history, name, email, phone number, gender, relationship status, and religion were able to be found. Close to 1,600 private messenger conversations were also able to be viewed. A combination of three bugs allowed the attackers to secure access tokens, which enable Facebook users to stay logged in without having to enter their password after they close out a browser. All Australians affected have been notified since the discovery of the breach last year.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased