Facebook Users Data Leaked
First seen by Alon Gal, CTO of a cybercrime intelligence firm named Hudson Rock, the database was listed for sale in a popular hacker forum mid-last year. It’s reported that the dump was actually from 2019, where a hacker has stolen it from Facebook after exploiting a vulnerability in its ‘Add Friend’ feature.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked. I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8 — Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021 This allowed them to gain access to the users’ phone numbers. The whole dataset, including others details, may have been scrapped. This was said to be containing records of about 533,313,128 users, regarding their name, gender, Facebook ID, location, and phone number. In some cases, it also has the relationship status, occupation, date of birth, and email addresses of some users. This database was initially sold for $30,000 in a popular hacker forum and later sold for just over $2 in the same forum. Now, it’s made available for free online, with the database divided as per country basis. While this may increase the hacker’s reputation, it’s now paving the way for new cybercrimes. As the URLs to this leaked and categorized database are shared in Pastebin, people are rushing to download the database and find their names within. Last year, one made a Telegram bot that would render search results for a small fee.
— Liz Bourgeois (@Liz_Shepherd) April 3, 2021 While people are getting mad over this database, Liz Bourgeois, Director of Strategic Response Communications at Facebook, said it’s from a 2019 leak and fixed in August 2019. Yet, it’s now a trove of PII that can be leveraged for any impersonating cybercrimes or other forms.