Facebook Data Breach Exposes User Data
540 Million Facebook Users Impacted
User ID's, Friends Lists and Photos Among the Data Exposed
Two separate databases that stored Facebook user profile details on unsecured Amazon AWS cloud servers were discovered this week by cybersecurity research firm Upguard. It was just last April that Facebook admitted malicious actors had likely accessed user data for all of Facebook's 2.2 billion users. This time, the world's biggest social network is not to blame.
The massive data breach was tracked back to Mexico-based media company Cultura Colectiva. Another 3rd-party app, At the Pool, also improperly stored user profile data in a different AWS database, contributing to the breach.
Upguard notified Cultura Colectiva and Amazon of the exposed data in January. Apparently, no action was taken until April 3rd.
What This Means for You
The databases have been secured and taken offline. While it's unknown whether affected Facebook users will be notified that their data has been compromised, this latest breach is a good reminder to change your passwords, especially passwords used with Facebook.
IT security best practices call for changing your passwords every 90 days. This may not be achievable for many users. A reasonable goal would be to change your passwords twice a year. Picking notable dates, such as Mother's Day or the first day of school makes it easier to remember. Just like we're supposed to change the batteries in our smoke alarms when the time changes. Pick your dates and put a note on the calendar.
How Do I Create a Secure Password?
Rather than trying to create and remember a password, try using a phrase or expression. After you've picked one, use the first letter of each word in the phrase. Substitute numbers and special charachters for two or more of the letters. Viola! You've created an easy to remember, secure password.
Our Support Center has a How-To article on creating secure passwords that illustrates how easy it can be.