Facebook is back in the news for all the wrong reasons, and according to a recent reports, the personal details of over 533 million users was leaked on a hacker forum for free. A hacker has posted the phone numbers and confidential account data of nearly a fifth of the social networking platform’s total user base, including over 61 lakh Indian users on a public forum.
Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and other details were among the information leaked.
“All 5,33,000,000 Facebook records were just leaked for free. This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” tweeted Alon Gal, chief technology officer of cybercrime intelligence firm Hudson Rock.
“I have yet to see Facebook acknowledging this absolute negligence of your data,” he added.
Facebook has confirmed the leak to The Record.
Facebook’s response to the data breach is as follows: Facebook said in January and now that the data is “old” and that it was compromised due to a flaw that was fixed in August 2019. However, the organisation has not given any specifics on how it plans to fix this security vulnerability. Similarly, Gal argues that the leak of over 533 million users’ personal information has a “massive effect on privacy.” He continues, “I have yet to see Facebook acknowledge this utter disregard for your results.”
With the data now in the public domain, there is a real risk that cybercriminals will use it for email or SMS spam, robocalls, extortion attempts, threats and abuse, and other purposes.
According to studies, the data is divided into download packages by region.
This is the largest ever leak of a social media site with billions of users, as Cambridge Analytics continues to torment nearly 87 million users, including over 5 lakh users from India.
Reports first emerged in January of this year that the phone numbers of 533 million Facebook users were being sold by a bot on encrypted messaging platform Telegram, which stemmed from a Facebook flaw patched in 2019.
According to a Motherboard article, the individual selling the database of Facebook users’ phone numbers ($20 per number) allows customers to look up those numbers using a Telegram bot.
Gal had then said: “It is very worrying to see a database of that size being sold in cybercrime communities, it harms our privacy severely and will certainly be used for smishing (the fraudulent practice of sending text messages) and other fraudulent activities by bad actors.”
However, this time, the Facebook data leak has been published with more details.