A total of 533 million Facebook user data has been leaked. This is based on a report from a user on a low-level hacker forum. It publishes the personal data of hundreds of millions of Facebook users online and for free, making it widely available to anyone with rudimentary data skills.
The data revealed included the personal information of 533 million Facebook users from 106 countries, including more than 32 million users in the US, 11 million users in the UK, and 6 million users in India.
Then, the data that had been leaked, including phone numbers, Facebook IDs, full names, locations, birthdays, bios, and email addresses were also included in some cases.
The Business Insider team has verified the truth regarding this data leak news. Some entries were verified by matching the phone numbers of well-known Facebook users with identifiers from a database.
In addition, they also verified that the email address used to reset Facebook password was correct. This function can also be used to reveal a portion of the user’s phone number.
These leaks provide valuable information to cybercriminals that can be used to impersonate other people, or fraudulently obtain user credentials.
Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who discovered the leak, said that such a large database containing personal information such as phone numbers belonging to millions of Facebook users would be used by cybercriminals to abuse it in carrying out social engineering attacks or hacking attempt.
Gal first encountered the leaked data in January when a user on the same hacking forum advertised an automated bot that could provide phone numbers to hundreds of millions of Facebook users in exchange for a price. The motherboard reports the bot’s presence at the time and verifies that the data is valid.
Just to remind, this leak is not the first time. Most of the phone numbers belonging to Facebook users were found to be exposed online.
The vulnerability that was exposed in 2019 has allowed millions of people’s phone numbers to be retrieved from Facebook servers in violation of its terms of service. Facebook said that the vulnerability was patched in August 2019.
Facebook previously promised to crack down on mass data mining after Cambridge Analytica removed data from 80 million users who violated Facebook’s terms of service to target voters with political ads in the 2016 election.
Gal said that from a security point of view, there wasn’t much Facebook could do to help users affected by the breach.
This is because their data is already open. However, he said that Facebook can urge users to remain vigilant about this data leak.