A major privacy violation by hackers allegedly took the data of almost 533 million users of Facebook from 106 countries to be posted online for free. More than 533 million private details that were posted online include records of over 32 million users in the US, 11 million users in the UK, and 6 million users in India. This breach is perhaps the largest in the social media giant’s history of breaches. Details such as phone numbers, Facebook IDs, full names, sites, birthdates, bios, and even e-mail addresses of several people are included in the breach.
A spokesman for Facebook stated that the data had been scrapped on the social website due to a security vulnerability that had already been patched in 2019. The vulnerability was identified in 2019, enabling millions of Facebook servers to remove telephone numbers. In August 2019, the social media outlet was kicked off by the vulnerability.
On Saturday 3rd of April, Alon Gal, who is the CTO of Hudson Rock, the CIC, detected the leaks and confirmed the same via Twitter. Gal is the very same researcher who had blown the whistle of an initially accessible Telegram bot in January, which seems to be the same, leaking database. While the individual behind the bot sold the leaked figures to the people willing to pay for it, this time the disparity is that all these figures are now freely accessible on a low-level hacking forum. After the vulnerability that Facebook fixed in 2019, the database was reported to have been leaked, this is because not many people frequently alter their telephone numbers so that the data can be very accurate. In the past, this information was sold by a person who sold a telegraph bot to sell a telephone number or a Facebook ID for $20,000, or in bulk for $5,000. It is now widely available to anyone with certain technical know-how.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” added Gal.
This is not the first time Facebook is spotted with a data leak. Data from 419,000,000 Facebook and 49,000 Instagram users were displayed in online databases in 2019. In that meme year, data of 267 million users had been exposed to an additional violation. In the meantime, there was the infamous Cambridge Analytica scandal that, for its data collection practices, was perhaps the first time the Zuckerberg company had come under the radar.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.