Facebook Breach

Here’s What Business Owners Need to Know About the Facebook Breach

The Facebook Breach Affected 50 Million Users

 

Facebook recently announced a major data breach took place on Friday the 28th of September, in which an estimated 50 million personal accounts were put at risk by a flaw in the social network’s code. It allowed hackers to take control of user’s profiles via “access tokens”. Facebook has since fixed the issue, reset over 90 million accounts and informed the authorities so they could investigate.

Since most businesses today have Facebook pages and/or profiles this article summarizes everything you need to know about this incident, and how you can protect yourself in the future from similar events.

 

Was My Account Affected?

 

As you will know business pages are usually set up or controlled by personal profiles, so it is possible that hackers could have gained access to business information during the breach. Since almost all of your business page’s information is public it is highly unlikely that they would have been able to find any potentially sensitive information.

The “access tokens” that allowed the hackers access to profiles are what prevent you from having to log in every single time you visit Facebook. They remember your information and they can also be used to log in to other apps that use Facebook credentials for log in purposes (e.g. Airbnb, Spotify, Uber etc.).

If you’ve recently visited Facebook and found that you’ve inexplicably been logged out, then it is possible that you have one of the 90 million accounts that have been reset by the Facebook team to safeguard your information. You should also receive a notification to let you know that this is the case.  

 

How to Protect Your Business from any Future Breaches

 

Even if you have not been affected by this particular data breach, it is wise to protect yourself online so that your business does not suffer as a result. Here are some great tips to protect yourself on Facebook.

 

Conduct a Device Audit

 

You always have the ability to track who is accessing your profile by conducting a device audit. Click on the “settings” tab of your Facebook profile, next go to the “security and login” tab.

Once you’ve opened this tab you will see a list of devices that have been used to access your Facebook page. If you don’t recognize one of them, you can remove the device and prevent it from logging in again.

 

Reset Your Password

 

You should be doing this on a fairly regular basis anyway and it should not just apply to Facebook. Although Facebook suggests there’s no need to do this, it’s a good habit to get into regardless.

To reset your password, follow the same steps as above, once again, in the “security and login” section you will see the option to change your password. If possible, make it a range of characters, numbers and if possible include a symbol to increase its strength.

 

Enable Two-Factor Authentication

 

For the highest level of security, you can enable two-factor authentication. This will mean even if someone gains access to your password they won’t be able to access your account. It protects your account by forcing you to enter a unique code sent via text message, call or email after entering your password.

To enable this feature simply follow the same steps once more and find it in the “security and login” section of your settings. Please bear in mind that if there are several people running your business Facebook page then it may become difficult for multiple employees to log in.

 

Where Can I get Help with Online Security?

 

Obviously, Facebook is only one social network out of several and a business can never be fully safe from online attacks. In fact, most businesses fall foul to phishing scams rather than data breaches. This is where hackers and fraudsters pretend to be the company they are trying to gain access to.

For example, it is likely that there are currently several scams nationwide whereby hackers are pretending to be Facebook employees asking for username and password details in order to “reset your account” after the recent data breach.

If anybody does indeed hand over their information, this will simply allow the hackers to access the account and steal any information they please.

This can be a daunting task to be constantly vigilant with potentially bogus and dangerous emails. In this case you may need professional help with your online security, particularly if you deal with sensitive personal information (for instance, medical or financial records).

IT support companies such as SOS|Support can offer remote assistance to both prevent and provide assistance in the case of any potential phishing attacks, data breaches and computer virus infections.

If you would like to speak to us about how we can protect your business online today make sure to contact us, and one of our representatives will respond as soon as possible.