Data breaches through Facebook

Cyber security attacks continue to increase in both size and severity. It is next to impossible to predict the emergence of new risks. There is growing identity theft and data breaches are becoming an ever-growing problem, it’s important to not only have a different password for each account, but to make those passwords easy to remember and hard to guess. In order to truly protect themselves, businesses must remain informed on the latest cyber security trends.

With the Facebook data breach in 2022, the social media platform revealed that it had discovered over 400 fraudulent Android and iOS apps targeting internet users to steal their login information this year. According to Meta Platforms Inc., one million Facebook users may have stolen their account credentials due to security flaws with apps downloaded from Alphabet Inc. and Apple Inc.’s app stores.

Meta has informed both Apple and Google about the issue in order to prevent users’ data from further being compromised. These harmful apps work by disguising themselves as photo editors, mobile games or health trackers, Facebook stated.

Apple claims that 45 of the 400 problematic apps were available on the App Store, and those apps have now been taken down. According to a report, Google uninstalled all fraudulent apps related to the Facebook data breach 2022.

According to Facebook, these hazardous apps masquerade as picture editors, mobile games, or fitness monitors.

Photo editors made up 42.6% of the malicious apps, followed by productivity tools (15.4%), phone tools (14.1%), games (11.7%), VPNs (11.7%), and lifestyle apps (4.4%) related to the Facebook data breach 2022. Interestingly, most iOS apps masqueraded as tools for managing ads for Meta and its Facebook affiliate.

Meta stated that if the login credentials were obtained, attackers “may possibly acquire full access to a person’s account and do things like message their friends or access confidential information.

The Director of Global Threat Disruption at Meta, said, “Cybercriminals know how popular these types of apps are and use these themes to trick people and steal their accounts and information. If the login information is stolen, attackers could potentially gain full access to a person’s account and do things like message their friends or access private information.”

There are certain best practices one should follow, such as, Reset and create new strong passwords. Never reuse your password across multiple websites. Enable two-factor authentication, preferably using an Authenticator app, to add an extra security layer to your account.

S Mohini Ratna, Editor, VARINDIA