the staff of the Ridgewood blog
Ridgewood NJ, The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) has received an increase in incident reports regarding compromised Facebook accounts, which has led to additional account compromises and theft of funds. While the methods used to acquire the users’ password is not confirmed, it is likely that the threat actor used tactics such as credential stuffing or attempting passwords exposed in data breaches.
In many cases, having multi-factor (or two-factor) authentication enabled on the Facebook account would have prevented the threat actor from compromising the users’ account. With the many online account data breaches that occur, it is imperative for users to take extra steps to secure their accounts. Recently, a hacker posted to a forum a file of 8.4 billion passwords, which was likely compiled from past data breaches. Data dumps greatly facilitate threat actors’ efforts to compromise online accounts. The threat of exposed credentials is highlighted by research conducted at Agari, which revealed that threat actors attempt to use exposed credentials mere hours after they are posted online. Gaining unauthorized access to an account can lead to subsequent targeting and network compromise.
The NJCCIC highly recommends Facebook users review the “Keeping Your Account Secure” section of Facebook’s Help Center, as well as the NJCCIC Instructional Guide, “The NJCCIC’s Guide to Accessing Facebook’s Security & Privacy Settings ” for tips to better secure Facebook accounts and protect user privacy, including enabling multi-factor authentication and login alerts.
What’s Facebook ?
It’s a company I invest in to make money off of idiots.