The Facebook leak is a problem for businesses: how do you protect your organisation?
The major Facebook leak, in which millions of Belgian personal data were freely available online, constitutes a great danger for companies: the man in the street, whose data was now made public, is after all also an employee within your organisation. What exactly are the increased risks for your company and what measures can you take as an employer?
Data from over 500 million Facebook users can currently be found online free of charge. It concerns valuable information such as names, relations, e-mail addresses, dates of birth and telephone numbers. In addition, LinkedIn appears to be the victim of a similar leak: once again, 500 million profiles have been made public. This means that more than a billion employees now pose a great risk in the workplace. The consequences of both leaks will be felt for years: it concerns very sensitive and personal information that allows hackers to approach their victims in a very credible way. Those who fall into the trap open the door to their company's valuable assets.
How is the leaked data misused?
- Criminals now have access to a goldmine of information that makes it easy to target employees even more specifically. Thanks to leaked social media data, a criminal knows where you work, who your colleagues are and what is going on in the organisation. He processes this information in a highly credible e-mail to your colleague - in your name - and asks for help to solve that particular problem. This is a form of thorough spear phishing.
- It was already possible to mimic email addresses; with the leaked information, it is now child's play to misuse a colleague's phone number, which gives the appearance of reliability. If your colleague sends you a WhatsApp message asking what the login code for the company network was again, you will obviously want to help him, won't you?
- A lot of management information is now openly available, many hackers will use this to impersonate the CEO or manager of your organisation. If your 'boss' sends you a text message telling you that a 'forgotten invoice' needs to be paid quickly, do you dare to object?
- With so much new personal data, it suddenly becomes much easier to set up several new accounts in your name and approach your colleagues. After all, a credible but fake Facebook account is easily set up by a hacker and he will silently join the social circle of your colleagues - identity fraud is the runner to open the company doors wide.
These sophisticated criminal techniques will increase exponentially thanks to these gigantic leaks. The technology to combat them is there: AI-driven training software that automates personalised micro-training, training employees without significant effort to protect not only themselves but his or her company.
With these alarmingly far-reaching leaks, the time for prevention is over; now it is up to every manager to take responsibility. Those who only start doing so tomorrow are putting their company in the shop window themselves.
