•  
  •  
  •  
  •  
  •  
  •  

According to breaking reports and online sources such as security researcher Alon Gal the personal data of around 533 million Facebook users has just been leaked online for free for anyone to access. The data breach has been verified in a recent write-up at Insider.

“The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India,” according to Insider. “It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.”

As Jay Peters shared at theverge the 500 million figure may seem familiar and there’s a good reason. You may recall that Motherboard (Vice) reported back in January about a dataset of phone numbers from Facebook available online, posted in a low-level hacking forum. Cybercriminals and hackers share this data between themselves. Also they could easily access and buy portions of it via a relatively basic telegram bot. Worryingly, it appears they are one and the same. Except that now users can get their hands on the dataset info without spending a dime or having any hacking skills.

Facebook shared with the Insider that the reason this data was scraped was because of a vulnerability that was already fixed in 2019. A similar answer was given to Motherboard be the company in January. “This is old data that was previously reported on in 2019,” Facebook told BleepingComputer. “We found and fixed this issue in August 2019.”

The creator of the Have I Been Pwned database, Troy Hunt, said on Saturday that “I haven’t seen anything yet to suggest this breach isn’t legit.” The data reveals around 2.5 million unique email addresses which is still a significant portion. However, the more pressing issue is the phone numbers that are now available fro everybody. The consequences could be far greater you can read what Hunt had to say on the subject.

If you have a few moments to spare, it is advisable to read the entire Twitter thread to find out more about the breach in detail.

Fortunately, Hunt didn’t hesitate to upload the email list to his site. So you can already check to see if your email has been compromised in the leaked dataset. As yet, he is still considering adding the phone numbers and making them searchable via his website tool services.

0
0