FB data breach: Cyber agency cautions internet users against data thieves
New Delhi, Mar 27 :India's national cyber security agency has cautioned internet users about lurking data thieves and advised them against sharing details such as their vote preferences and Aadhaar details over social media platforms and mobile applications.
As the debate over Facebook data breach disclosure intensifies, the Computer Emergency Response Team of India (CERT-In) has issued an advisory asking Facebook and all other social media users to "not share their personally identifiable information (PII) on these sites or mobile applications".
CERT-In is the nodal agency to combat hacking, phishing and fortifying security-related defences of the country's internet domain.
"Social media users should not share official data or personal secrets on social media messaging platforms. They should never share details like their vote preferences, PIN, passwords, credit card details, banking details, passport information, Aadhaar card and all those details which are meant to be kept as a secret for personal safety and security," the advisory accessed by PTI said.
The agency specified that the advisory was being issued for internet and social media users in the country in the backdrop of the recent Facebook data compromise incident.
"Facebook admitted that there had been a data breach as the personal data tracked was used by various external parties for unauthorised activities.
"In the wake of this development, users are advised to take diligent measures to safeguard their personal data," it said.
The Ministry of Information and Technology had last week asked UK-based Cambridge Analytica - the firm at the centre of the date breach scandal--to furnish a list of clients and the source of data it had collected from India.
The notice came after reports suggested that political parties had used the data analytics firm for furthering their poll prospects.
CERT-In said users of cyberspace should follow best practices such as not posting private information and non-disclosure of an individual's location.
"Facebook being part of a public network could allow easy access to information which should not be disclosed," it said.
Suggesting some more dos and don'ts, the advisory asked users to immediately approach the help desk of the concerned social media platform in case of a data breach incident, and also lodge a complaint with the cyber wing of the police.
It asked netizens to not allow unknown/untrusted applications to access their Facebook account and be diligent in giving permission to third party apps that can access public profile, which includes name, profile pictures, username, user ID (account number), friends list, gender, age range and locale.
"Do not open the messages/images received from untrusted sources or received unexpectedly from trusted sources. Use strong account-specific passwords and a mix of different types of characters to make the password harder to crack," it suggested.
The advisory also asked the users to "close" unused accounts as they could be compromised without their knowledge.
"Assess the applications being used in your mobile devices or browsers as most of the applications either use Facebook or Google to sign in.
"Also, keep all mobile apps updated along with regularly updating the security settings on social networks," it said.
Union Law and Information and Technology Minister Ravi Shankar Prasad recently warned social media giant Facebook of stringent action for any attempt to influence polls through data theft. He had even threatened to summon its CEO Mark Zuckerberg.