Stolen card data is reportedly being advertised on Facebook, as well as login information for popular sites like Netflix and Amazon.
There are said to be hundreds of Facebook groups being used to sell on stolen information, which puts one heck of a twist on the development of the Facebook marketplace and the company’s efforts to be a more commercial platform for users.
Over a hundred Facebook groups with hundreds of thousands of members have apparently been identified by security researchers who say that the groups are dedicated to hacking, fraud and money laundering, with some of the groups having been active for almost a decade.
Facebook has been in the limeligh when it comes to data protection issues in recent months after the Cambridge Analytica scandal that saw the personal data of Facebook users being misused. This latest story about the discovery of criminals using Facebook to sell on stolen information for fraud is incredibly concerning.
Thanks to the misuse of the social media platform, criminals are able to sell credit card details for fraud and sell data for targeted attacks and account takeovers.
The dangers of data being compromised highlighted
This issue highlights the dangers of even small data breaches that are often batted off by organisations who commit them. When its “only email address” or “only contact information” the organisations are often quick to dismiss the seriousness of the data breach, highlighting that it isn’t things like card details that have been breached.
But, when we have criminals coming together and sharing and selling stolen data, you have an easy platform to combine information from numerous hacks and breaches to be able to build a good enough profile of a person to be targeted. The issue of criminals coming together on Facebook proves, yet again, that any data breach – no matter how big or small – is always serious.
Organised data crime is an ongoing problem. Criminals are even using the money they gain from frauds and hacks to create better malicious software; effectively innovating and reinvesting in the same way any legitimate business might. Until business start taking data security seriously, people will always be at risk. And today, on “GDPR Day”, the crackdowns are coming!
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.