Yesterday, a hacker published the phone numbers and personal data of hundreds of millions of Facebook users for free online.
There have been leaks before. But this time the number of hacked accounts exceeds 533 million. Also, they are from 106 countries. 32 million accounts of the hacked accounts are from the US, 11 million from the UK, 6 million from India, and so on. The published information includes phone numbers, Facebook IDs, full names, locations, birthdates, bios, and even email addresses.
In this regard, BusinessInsider contacted a Facebook spokesperson, who told that the data was scraped due to a vulnerability that the company patched in 2019.
A cybercrime intelligence firm Hudson Roc was the first to discover the Facebook leaked data. Alon Gal, CTO of the company proves that the leaked data could provide valuable information to cybercriminals. They mainly use personal information of this kind to impersonate them or scam them into handing over login credentials.
‘A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,’ Gal told Insider.
However, this is not the first leakage. Back in January, Gal bumped into the same hacking forum, which was advertising an automated bot that could provide phone numbers for hundreds of millions of Facebook users. Of course, the bot would provide information for a certain fee.
Probably, they have made enough money and posted the entire dataset for free download.
Interestingly, the same backdoor was found back in 2019, when a huge number of Facebook users’ phone numbers have been found exposed online. At that time, Facebook said the vulnerability was patched in August 2019.