On Saturday, reports came up of a leaker publishing the personal data of 533 million Facebook users on a hacking forum for free.
The breach exposed personal data of over 533 million Facebook users. The breach affected 106 countries of which 32 millions records were of Facebook users in the U.S. Additionally, there were over 11 million records of users in the UK and 6 million personal data of users across India.
The exposed data includes personal information like phone numbers, Facebook IDs, full names, locations, birthdates, bios, and email addresses (in some cases).
Facebook Responds The Breach As Very Old Reported in 2019
Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, was the first to discover the entire information about the Facebook data leak. In his series of tweets, Gal highlighted all the information about the breach which is said to have leaked personal data of over 533 million users.
“This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” Gal said in a tweet on Saturday.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
While a Facebook spokesperson addresses the breach to Business Insider by claiming it to be a very old data. Further adding, that the personal information is scrapped from the leak reported in 2019 due to a vulnerability. However, the company had found and fixed the vulnerabilities back in August 2019.
“This is old data that was previously reported in 2019. We found and fixed this issue in August 2019.”
Researchers discover about an automated telegram bot To Sell the Facebook Data
Back in January, Gal discovered about the leaked data when a user of the same hacking forum posted an advertisement. The automated telegram bot can provide phone numbers linked with Facebook accounts of hundreds of millions of users against a price.
Motherboard tested the automated bot and confirmed that the leaked phone numbers are of verified Facebook users.
According to Gal, the currently leaked database points to the same set of personal info like phone numbers linked with Facebook accounts of users. Since the leak, the data has been flowing in various hacking groups since it could provide various valuable information to the cyber-criminals.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Gal told Insider.
As the leaks contain too much personally-identifiable information of Facebook users. The researchers warn that the data can be used in committing various scams, frauds and identity thefts.
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” Gal said.
How To Check If your Data was leaked in Latest Facebook online breach
Here’s how you can check if your data was leaked in the latest Facebook breach.
Security researchers often maintain and update databases that contain the records of breaches and data leaks. One such source is HaveIBeenPwned.com, which is managed by Troy Hunt, a security analyst. The site will ask for your email address which matches it within the records of over 10 billion compromised accounts in breaches in the past. So, this can help determine if your email address has been compromised in any past breach.
To check if your password is leaked, you can check at password breach section of HaveIBeenPwned.
Also, as a precautionary measure, Facebook users can immediately review their privacy settings. Change your passwords and enable two-factor authentication.
Although, Facebook has made to the headlines for various milestones like Facebook AI Model SEER Learn To Recognize 1 Billion Instagram Images. This has emerged as a future trend for computer vision.
Also, Facebook made its valuable contribution towards the spread of the misinformation related to COVID-19.
Despite these, Facebook’s privacy often made headlines for all the wrong reasons. This concerns users as it puts the user’s privacy at risk. So, we should be aware of such hacking attempts and do our best to safeguard our personal information.
The best thing to do is secure your passwords by adding two-factor authentication. Choose strong passwords and avoid it saving on your browsers and applications. Also, you can use a reputable password manager to manage and store them in encrypted format.
Article reference: Business Insider.