On one of the hacker forums, the personal data of more than 533 million Facebook users appeared in free access, this is the biggest embarrassment of Mark Zuckerberg’s company in the entire history of the site. It is reported by Business Insider.
These include phone numbers, identifiers, full names, locations, dates of birth, bios, and sometimes email addresses. Previously, user numbers from this database were sold through a bot in a telegram.
The database contains data from 106 countries, including 10 million records from Russia, 32 million from the US, 11 million from the UK and 6 million from India. Business Insider verified the correctness of several verified entries by matching the phone numbers of well-known Facebook users with identifiers from the database. Reporters also verified that the email addresses used to reset Facebook’s password were correct – this functionality can also be used to partially reveal a user’s phone number.
The drain was discovered by experts from the cybersecurity company Hudson Rock. According to the company’s CTO Aaron Gal, the leak could lead to a spike in cybercrime.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
– Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
“A database of this size, containing personal information such as the phone numbers of many Facebook users, will certainly lead attackers to use this data to carry out social engineering attacks or hacking attempts,” the expert explained.
Now the entire dataset has been posted on the hacker forum for free, making it available to anyone with basic data skills. This is not the first time that a huge number of Facebook users’ phone numbers have been discovered on the web.
This is not the first time that a huge number of Facebook users’ phone numbers have been found online. Vulnerability discovered in 2019 allowed to remove phone numbers of millions of people from Facebook servers in violation of the terms of service. Facebook announced that the vulnerability was patched in August 2019.
There is little Facebook can do to help users affected by the breach, as the data is already in the public domain. Well, and the company ITProfi recommends, just in case, change the passwords on your account, as well as link your phone number to them, which will allow you to see an attempt to log in from a new device.