We are at a point when it is increasingly necessary to use the internet for various reasons ranging from social media to work. This technological advancement has brought a level of convenience never experienced before in history as a few minutes is all we often need to communicate with friends, families, and the public. Regrettably, we have also discovered that our presence on the internet is not temporary as every action (especially on social media platforms) leaves a trace somewhere that is archived and can be accessed by 3rd parties. According to reports, the world recorded over 3900 data breaches in 2020, resulting in billions of data records lost to malicious actors. These data records often include personal or professional information such as names, email addresses, birthdays, addresses, payment information, amongst other data.

In this light, individuals and organizations must consider emerging social engineering threats from malicious actors. For example, in the past few months, news emerged of the sale of a database containing around 500 million LinkedIn user profiles by hackers who scrapped the LinkedIn website, creating records of users’ names, workplaces, email address, work history, and others. Ignoring the fact that this may have been prior public information, we are only beginning to scratch the surface of the length that malicious actors will go to obtain our information. Microsoft (LinkedIn's parent company) denied reports of personal details included in the breach. Still, data from LinkedIn profiles were copied and inputted into databases for easy reference.

In April 2021, news emerged that the personal details of about 500 million Facebook users had been accessed and made available for sale on a website used by hackers. Facebook, for its part, stated that this occurred in 2019, and the affected users were notified. However, this information breach is seemingly more extensive than the one that affected LinkedIn as this one included full names, location, birthday, email addresses, phone number, and relationship status. Regardless of the notification of the breach by Facebook, individuals might encounter difficulties in rending some of this information obsolete as they may be unable to change birthday dates as quickly as an email address.

These data breaches, which are often reported in the news, have become commonplace occurrences. However, the impacts are enormous. Data breaches provide our information to individuals and organizations with malicious intentions and could be an antecedent to other criminal activities. For example, a malicious actor with knowledge of your job status from LinkedIn can contact you for a job interview with the intent of fraud, blackmail, theft, amongst others. Alternatively, details of your spouse or family member(s) from Facebook can be used against you for various purposes ranging from innocent pranks to fraud and theft. "Knowledge is power" is a famous quote that we have all heard often enough in our lives, and by leaving our information willy-nilly, we grant power over certain aspects of our lives to the intention of strangers. Luckily, there are certain steps we can take to reduce our exposure, minimize risk and eliminate existing threats to our personal information.

By Joshua Usen.