533 million phone numbers and personal data of Facebook users have been leaked online



[ad_1]

Mark Zuckerberg, CEO of Facebook.

Drew Angerer / Getty Images

  • The personal data of more than 500 million Facebook users have been posted online in a low-level hacking forum.
  • The data includes phone numbers, full names, location, email address, and biographical information.
  • Security researchers warn that hackers could use the data to impersonate people and commit fraud.
  • See more stories on the Business Insider SA home page.

A user of a low-level hacking forum has posted the phone numbers and personal details of hundreds of millions of Facebook users for free online.

The exposed data includes personal information from more than 533 million Facebook users from 106 countries, including more than 32 million user records in the US, 11 million users in the UK, and 6 million users in the UK. India. It includes their phone numbers, Facebook IDs, full names, locations, dates of birth, biographies, and in some cases, email addresses.

Although South Africa is not directly listed as an affected country, millions of accounts in South Africa appear to be affected under the designation “Africa”.

Insider reviewed a sample of the leaked data and verified multiple logs by matching the phone numbers of known Facebook users to the IDs listed in the dataset. We also verify the logs by testing the email addresses from the dataset in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.

The leaked data could provide valuable information to cybercriminals who use people’s personal information to impersonate or scam them into providing login credentials, according to Alon Gal, chief technology officer at cybercrime intelligence firm Hudson. Rock who first discovered the leaked data on Saturday. “A database of that size that contains private information, such as the phone numbers of many of Facebook’s users, would certainly lead to bad actors taking advantage of the data to carry out social engineering attacks. [or] hacking attempts, “Gal told Insider.

Facebook did not immediately respond to multiple requests for comment.

Gal first discovered the leaked data in January when a user on the same hacking forum announced an automated bot that could provide phone numbers for hundreds of millions of Facebook users in exchange for a price. Motherboard reported the existence of that bot at the time and verified that the data was legitimate.

Now the entire dataset has been posted to the hacking forum for free, making it widely available to anyone with basic data knowledge.

This is not the first time that a large number of Facebook users’ phone numbers have been exposed online. A vulnerability that was discovered in 2019 allowed the phone numbers of millions of people to be removed from Facebook’s servers in violation of its terms of service. Facebook said the vulnerability was fixed in August 2019.

Facebook previously promised to crack down on massive data scraping after Cambridge Analytica scraped the data of 80 million users in violation of Facebook’s terms of service to target voters with political ads in the 2016 election.

Gal said that from a security point of view, there is not much Facebook can do to help users affected by the breach as their data is already out in the open, but added that Facebook could notify users so that They can stay tuned for possible phishing or fraud schemes using your personal data.

“People who register with a reputable company like Facebook trust them with their data and Facebook [is] We are supposed to treat data with the utmost respect, “said Gal.” Users whose personal information is leaked is a major breach of trust and should be handled accordingly. “

Receive a daily news update on your cell phone. Or receive the best of our site by email

Go to the Business Insider home page for more stories.



[ad_2]