MORE than 500 million Facebook users have had personal information leaked online following an historic data breach.
The leak, discovered today, includes the details and phone numbers of over 533 million Facebook users from 106 countries.
Business Insider reports the data dump includes over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
As well as phone numbers, the data also includes Facebook IDs, full names, locations, birthdays and bios – and even email addresses.
Alon Gal, the co-founder of Israeli cybercrime intelligence firm Hudson Rock who discovered the trove of data on Saturday, said the details leaked are a couple of years old.
Gal said the database appears to be the same set of Facebook-linked telephone numbers that he had discovered circulating in hacker circles since January.
A Facebook spokesperson said the data was scraped due to a vulnerability that the company patched in 2019.
The existence of the information – which was being distributed by a Bot for a price – was first reported by tech publication Motherboard.
But now the entire dataset has been made free – meaning it is available for anyone with basic hacking and data scraping skills to plunder.
Despite not being current, the information could be used to cybercriminals to impersonate people or scam them into handing over login credentials.
Gal told Business Insider: “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts.”
The information is being offered for a few euros’ worth of digital credit on a well-known site for low-level hackers.
HIP HOP ICON
Rapper DMX in ‘grave condition after drug overdose triggers heart attack’
‘Four killed in their cars in two shootings just six miles apart’
Inside supersonic presidential jet that can fly at nearly TWICE the speed of sound
BLOOD ON DANCE FLOOR
Shooting at nightclub leaves ‘one dead and at least two others hurt’
Mass shooting at party leaves ‘3 dead and at least 4 others injured’
Gal said he had verified the authenticity of at least some of the data by comparing it against phone numbers of people he knew.
Other journalists say they have also been able to match known phone numbers to the details in the data dump.
Gal told Reuters that Facebook users should be alert to “social engineering attacks” by people who may have obtained their phone numbers or other private data in the coming months.