235M TikTok, Instagram, and YouTube Profiles Revealed in Data Breach

According to the latest report, a data breach has revealed over 235 million most prominent social media user profiles including TikTok, Instagram, and YouTube. This ensued in revealing personal information of a user such as names, images, contact details, and followers stats. Curious to know how this happened? Well, a now-defunct firm named Deep Social used web scraping practice to gather data from these web pages. 

Is This Data Breach A Hack? 

It is common to consider this a hack, however, it is not. The web scraping practice involves collecting data from different web pages in an automated way. It accesses only public data. But, social media firms usually do not encourage this to ensure user data protection. However, a plethora of data analytics firms leverages this practice to generate a huge database. Most of these companies also derive useful insights from these data and sell them to other firms in exchange for money.  

We can witness a profusion of reports regarding user profile-related data flashing on dark web cybercrime avenue. From 100,000 data breaches paving a way to steal 15 million logins to the current incident of 235 million data being revealed for free. So, if you think all of these profiles will get hacked, you are wrong. But, these profiles are comparatively more vulnerable and the hackers might try their hands on certain user profiles. 

A Database of 235 Million User Information Without Password Protection 

The TNW report says that the scraped data of over 235 million users were collated into a database, which was surprisingly not password protected. This was brought to light by Bob Diachenko and his fellow researchers, working for Comparitech. They identified three identical copies of the said database on the 1st of August. Besides, they found that the data belonged to a firm named Deep Social. However, when the company was contacted, the request was sent to Social Data, a Hong-Kong-based company. 

Social Data acknowledged the data breach and managed to restrict the access to the humongous database, although they denied any relationship with Deep Social. The web scraped data encompassed four major data sets with the details of all 235 million users including their names, age, gender, profile photo, and the number of followers they all had. This data is often used by hackers to perform phishing and spam campaigns. Hence, social media companies have to frame stringent policies to ensure their database security. 

What Should You Do To Protect Your Profile From This Data Breach? 

 Meanwhile, all the users of TikTok, Instagram, and YouTube should be alert to email phishing scams or scams related to posting as comments on social media. All the organizations having databases on the cloud should definitely audit the access permissions to ensure that the database is not accessible by everyone. Most importantly, do not share any sensitive data through social media platforms.  

Bottom Line 

Web scraping has both advantages and disadvantages. It can be greatly used when companies put valuable data on the web. In fact, it renders a handy way to make good use of the data. Firms that deal with product or price comparison services and apps that pull in live traffic relies largely on web scraping practice. However, scraping personal information has to be dealt with differently as it may make a user vulnerable to cyber threats. Laws have to be strictly framed and the social media firms should work on a superior level of security to protect the users’ identity.  We at Cyber Chasse provide high quality cybersecurity services in the US, get in touch with us to safeguard your sensitive business data.

For more such interesting info, follow us on social media. Do not hesitate to drop your thoughts on the comment box below.