Post Content

 

data-breach

Facebook recently suffered a significant data breach with hackers gaining access to the accounts of millions Americans.  According to Facebook, hackers exploited a software flaw in the ‘View As’ option (which lets users to see what their profile looks like from the perspective of another user) and were able to steal “access tokens.” Access tokens are what makes it possible for you to remain signed into your social media accounts on your devices.

Facebook has said that they reset the access tokens for accounts and fixed the vulnerability. However, they recently announced that data from 29 million user accounts, including names, email address, phone numbers, birthdates, and even information about where users checked into, was obtained as a result of the intrusion.

Facebook will be notifying those users whose accounts were compromised. In the meantime, it may be a good idea for all consumers to change their passwords and review their privacy settings. Facebook hasn’t said there is a need to do this, but in general, it is good practice to frequently update the passwords for all social media and online accounts, such as banking and utilities.

Interestingly, many people have also been reporting in the days since the announcement of the breach that their account has been hacked, and warning their current friends not to accept a friend request from them. Facebook has said the two are unrelated and that the “hack” is really just a cloning scam.

A cloned Facebook account is when frauds use the information from your current Facebook page (your name, photos, likes) and create a separate account. Usually the scammers then message your friends and ask for personal information or money (we’ve told you about this type of scam before—refresh your memory here: http://blog.mass.gov/consumer/massconsumer/social-butterflies-beware-watch-out-for-fake-facebook-friend-requests/)

The message users are receiving reads something along the lines of “I received another friend request from you. You should check your account and forward this so you can warn others.” Any time someone tells you they received a friend request from you that you did not send, be suspicious as it’s very possible that your account was cloned. It sounds scary, but don’t panic. A simple way to check if you might be the victim of Facebook cloning is to search your name (and similar variations of it). If you come across duplicate profiles, report them to Facebook.

Remember, a cloned account doesn’t necessarily mean your account has been hacked and Facebook officials have said there has not been spike in cloned accounts. Use caution when accepting friend requests from people you don’t know and NEVER share personal or financial information on the site. It’s also smart to avoid filling out those quizzes that ask questions such as your favorite pet and mascot in high school as those questions are often used as security questions for financial accounts if you can’t remember your password.

If you have additional questions, contact the Office of Consumer Affairs and Business Regulation by calling our Consumer Hotline at (617) 973-8787, or toll-free in MA at (888) 283-3757, Monday through Friday, from 9 am-4:30 pm. Follow the Office on Facebook and Twitter, @Mass_Consumer. The Baker-Polito Administration’s Office of Consumer Affairs and Business Regulation along with its five agencies work together to achieve two goals: to protect and empower consumers through advocacy and education, and to ensure a fair playing field for Massachusetts businesses. The Office also oversees the state’s vehicular and customized wheelchair Lemon Laws and Arbitration Programs, Data Breach reporting, Home Improvement Contractor Programs and the MA Do Not Call Registry.

Written By:

Recent Posts

Have you gotten a collection call about a debt you don’t recognize? posted on Sep 29

Have you gotten a collection call about a debt you don’t recognize?

Nobody likes getting debt collection calls. But have you ever gotten one for a debt you already paid — or you know isn’t yours? Or have you been threatened and harassed by a debt collector until you paid up? If so, we want you to   …Continue Reading Have you gotten a collection call about a debt you don’t recognize?

National Preparedness Month: National Flood Insurance Program Facts posted on Sep 22

National Preparedness Month: National Flood Insurance Program Facts

You never know when rainfall may lead to a major flood. National Preparedness Month is a great time to make sure your home and belongings are prepared for the unexpected. Having a flood in your home can cause major destruction, leading to costly repairs. Programs   …Continue Reading National Preparedness Month: National Flood Insurance Program Facts

Ballot Question 1: Right to Repair posted on Sep 18

Ballot Question 1: Right to Repair

Should you, or shouldn’t you? 2020 Massachusetts Ballot Question 1 has a lot of voters wondering which option is best for the people of the Commonwealth as proponents on each side spend millions on advertising to convince you to vote one way or the other.   …Continue Reading Ballot Question 1: Right to Repair