CERT-In issues advisory on Facebook data leak, over 6 million Indian users affected
India’s cyber security agency CERT-In (Indian Computer Emergency Response team) on Monday issued an advisory regarding the recent Facebook data leak.
The advisory has asked users to review Facebook privacy setting and ensure that profile data is not shared publicly. Flagged earlier this month, the Facebook data leak affected millions of users across 160 countries.
According to the advisory, the leaked data included full name, profile ID, full name, job occupation, phone number and date of birth of the users. The compromised data belonged to 450 million unique Facebook accounts globally, including 6.1 million Indian individuals.
However, no financial information or passwords of individuals were leaked, CERT-In said.
Earlier this month, Mike Clark, product management director at Faacebook said that the hackers had “scraped” data. “We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019. This feature was designed to help people easily find their friends to connect with on our services using their contact lists,” he said in a blog post.
Later, in a separate blog post, Clark said that Facebook was taking a “variety of actions” against data misuse, including sending cease and desist letters, disabling accounts, filing lawsuits against scrapers engaged in egregious behaviour and requesting companies hosting scraped data to take them down.
The social media giant has previously been a target of data leaks. The widespread Cambridge Analytica data breach affected 87 million Facebook users, sharing their personal data with the British political consulting firm. However, the unlawful data collected through third party API-integration effected Facebook users mostly in the US. More recently in India, WhatsApp in May 2019 reported that Israeli Surveillance group NSO was tracking over a 100 Indian journalists, social activists and individuals through its Pegasus spyware.