The details appeared on Saturday, according to Business Insider, and are also available for purchase in 106 different country-based packages, included 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
In a statement, Facebook said the data was from a breach of its servers that had occurred in 2019 and it had since plugged the security hole that allowed it to take place.
“This is old data that was previously reported on in 2019,” a Facebook spokesperson said. “We found and fixed this issue in August 2019.”
While the information appears to be old, the details in the shared database include phone numbers, Facebook IDs, names, locations, birthdates and email addresses, all of which could be used in social engineering attacks or hacking attempts.
The information was first discovered by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who called the leak “a huge breach of trust” by Facebook that “should be handled accordingly,” but he added that there was little that the social network could do beyond warning people to stay on the lookout for phishing scams.
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.
It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
Concerned users are encouraged to check if their email address has been leaked in data breaches using the Have I Been Pwned website. The founder of the website is also considering adding the leaked phone numbers to its search database.
This isn’t the first time that hackers have targeted Facebook for its vast trove of user date. In 2018, a security breach allowed hackers to steal data on 29 million users, including details on everything from username and relationship status, to religion, birthdate, and home town.
This article, “Facebook Data for Over 535 Million Users Leaked on Hacker Website” first appeared on MacRumors.com
Discuss this article in our forums