According to Business Insider, 11 million users from the UK have had their data compromised in the data dump which saw details published online. Facebook have told Insider that the data had been scraped because of a vulnerability the company patched in 2019.
Although the data is a few years old, it could still be used by cyber-criminals to launch phishing attempts to obtain login credentials and other personal information from affected users. Take a look at our top tips to spot a phishing attack here.
With many of us still having the same usernames, phone numbers, and email addresses as we did in 2019, the data leak could still pose a threat to online safety. To check if your personal details have been leaked, visit Have I Been Pwned and enter the email address associated with your Facebook account.
For businesses, the leak highlights the importance of protecting data, and should serve as a reminder of the implications of not complying with GDPR – including substantial fines, damage to brand reputation, and the cost of recovery after mismanaging personal data. To help keep your data safe, we’ve compiled a list of top tips to help you prioritise data privacy.
Only collect what you really need – Make sure the personal data your business collects is stored safely and is used for legitimate business purposes that comply with GDPR rules and regulations. As GDPR rules apply to all personal data your business keeps, ensure your organisation has a documented data protection policy that is adhered to.
Communicate with customers – Consumers have become increasingly aware of what data they share and how their personal information is being used. Communicating consistently and remaining transparent in the steps your business is taking to protect data will help to build trust with even the most sceptical customers, and show that you take data security seriously.
Staff training and awareness – Educating employees on best privacy protection practices, including how to correctly report incidents, means future breaches can be avoided and current data protection strategies can be improved to ensure GDPR compliance.
Use long and strong passwords – For accounts that access customer and client data, we recommend using a long and strong password of over 12 characters to help keep your data safe. Take a look at our handy guide to creating strong passwords here.
2FA/Multi-factor authentication – MFA provides an additional layer of security that requires users to verify their identity before access to business accounts is granted. Implementing MFA can help businesses to protect their data and ensure it doesn’t fall into the wrong hands in the event that passwords are guessed or compromised.