Last week, Facebook notified the public of a data breach affecting almost 50 million accounts. The breach, which took place on September 25, 2018, was the result of attackers exploiting a vulnerability in Facebook’s code.
Quotes
"The Canadian Centre for Cyber Security is aware of the incident and is advising Canadians to read the latest advice Facebook has published."
“Based on current information, we understand that Facebook has fixed the flaw and temporarily disabled the ‘view as’ function.”
“Users should be aware of and guard against possible phishing attacks, as any data accessed may be used to make phishing attempts more credible.”
Information and advice related to this incident
Key Contacts
- For concerns related to these and other cyber security related issues please contact the Cyber Centre.
- If a member of the public thinks they have been a victim of cyber crime or cyber-enabled fraud, they should contact the Canadian Anti-Fraud Centre.
Possible implications of a data breach
Anyone can be a target of phishing e-mails at any time. If your data has been breached, it may be used to make phishing attempts more credible. Phishing attempts may come through Facebook messaging or through email for Facebook users who shared their email addresses with friends.
How to detect phishing e-mails
While phishing e-mails can be hard to identify, there are a number of proactive ways to avoid falling prey to them and triggering a cyber-incident. Before opening attachments or links embedded within an e-mail, take the following steps:
- Make sure you know the sender of an e-mail and that its tone is consistent with the sender.
- Make sure that the Web address or attachment is relevant to the content of the e-mail.
- Make sure that the sender’s e-mail address has a valid username and domain name. A suspicious e-mail address could be similar to the one below:
“John Doe <ohndoe.%nklo17er@gkmail.com>”.
Fraudulent phone calls
If your phone number was released in a data breach incident this may lead to an increase in fraudulent calls. If you receive a suspicious phone call, remember never give remote access to your computer in response to an unsolicited call.
For more information, please see Get Cyber Safe’s guidance on the following topics:
About the Cyber Centre
- The Cyber Centre informs, communicates, and educates Canadians about cyber security issues by providing a clear, trusted, credible voice backed up by unique expertise and insight. The Cyber Centre acts as the operational leader and government spokesperson during cyber security events and provides leadership on national cyber security issues.
- The Cyber Centre is an outward-facing organization that welcomes industry partners for collaborative work on the toughest cyber security challenges Canada is facing.