267 Million Facebook Users Exposed to the Data Breach

the latest hacking news

Facebook, the world’s largest social network breached by exposing the data of more than 267 million Facebook users online.

Security expert Bob Diachenko, along with Comparitech discovered a database containing more than 267 million Facebook user records.

The database was first indexed on December 4. Diachenko discovered the database on December 14 and immediately sent an abuse report to the ISP managing the IP address of the server. The database is now unavailable on the IP address where it was found. It was posted as a hacker forum on December 12.

What information did the database contain?

Each contained:

  • A unique Facebook ID
  • A phone number
  • A full name
  • A timestamp

The server also included a landing page with a login dashboard and a welcome note in the Vietnamese language.

According to researchers the affected Facebook users we’re mostly from the U.S.

How did the hackers get the information? 

It is still unclear how the hackers got the information. “One possibility is that the data was stolen from Facebook’s developer API before the company restricted access to phone numbers in 2018. Facebook’s API is used by app developers to add social context to their applications by accessing users profiles, friend list, groups, photos and event data. Phone numbers were available to third-party developers prior to 2018,” reads the post published by  comparitech.

Diachenko says Facebook’s API could also have a security hole that would allow criminals to access user IDs and phone numbers even after access was restricted.

Another possibility is that the data was scraped from publicly visible profile pages.

This large exposed data puts users at risk of spam and phishing scams.

For the latest cyber threats and the latest hacking news please follow us on FacebookLinkedin, and Twitter.

You may be interested in reading: ASP.NET Hit by Ransomware

Comments

Please rate this content