Private information associated with some 7.3 million Australianonline after a massive data breach. Fraudsters gained access to the data in 2019, after which it was traded for money for a while before being unceremoniously dumped this week for the world to see.
The data includes the phone numbers of many of the phone numbers is noteworthy,” said Troy Hunt, an Australian web security expert, and creator of the site Have I Been Pwned., an aspect that sets the data breach apart from many other incidents. It’s more common than email addresses and passwords are . “The exposure of
The site lets users plug in their email address or phone number to determine if it’s been included in any data sets exposed by criminals. Pwned is internet slang for “owned” – in other words, compromised. It can be unsettling to find out one’s personal details have been exposed in a hack. In some cases, plugging in an email address into Mr. Hunt’s website can , some dating back over a decade.
But it’s good to be aware that it has happened. People are encouraged to change their passwords – as often as possible, significantly if it’s been associated with an online account that has been compromised. As for the latest incident, while it’s unusual and quite big – more than half a were affected – it’s actually not as worrying as some other breaches, Mr. Hunt said.
“There were no passwords exposed, so you don’t have to worry about that. I would recommend heightened awareness more than anything,” he said. A possible consequence of having one’s phone number, mainly when associated with other personal details like name and suburb, is that scammers could seek to take advantage by sending spam messages or attempting a phishing attack.
Phishing is when a scammer attempts to accessmasquerading as safe ones. Facebook acknowledged the breach had happened in a press statement on Tuesday. But the company said it wasn’t technically a hack. Rather, the attackers of a loophole in the site’s system that allowed it to collect the phone numbers users had provided on a massive scale.
The fraudsters uploaded large sets of phone numbers and matched them to other information using a feature designed to helpon the site by plugging in their numbers. “As a result of the action we took (at the time), we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists,” Facebook said in the statement.