Over 533 million Facebook users from 106 countries were affected by a data breach on the social media giant. A hacker published phone numbers, personal data, and other information of Facebook users on a low-level hacking forum.
Data of 32 million U.S. users was exposed. Meanwhile the United Kingdom affected users reached 11 million and over 6 million in India. The leaked data includes Facebook IDs, locations, birthdates, phone numbers, biographies and some even got their email addresses leaked.
Meanwhile, a spokesperson for Facebook told Business Insider that the data was leaked because of a vulnerability that hit Facebook in 2019. Despite the leaked data being 3 years old; the hack still provides cybercriminals with dangerous information that may enable them to scam millions of people.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Alon Gal, CTO of cybercrime intelligence firm Hudson Rock—who first discovered the entire trough of leaked data online on Saturday—told Business Insider.
Facebook data hacks don’t seem to stop
Alon Gal found out about the leaked data back in January. A user in a hacking forum promoted supposedly automated software that sells people phone numbers of hundreds of millions of Facebook users.
Gal’s company tested the software to find out that it’s legitimate. The entire leaked database is now available on the forum for free. Consequently putting hundreds of millions of users at danger of scams and hacking.
Meanwhile, Facebook failed to put an end to recurring hacks of its databases. In 2016, data from over 80 million users was scraped in the Cambridge Analytica famous incident. Additionally, millions of people’s phone numbers were leaked from the social media giant in 2019.
Gal said the social media giant won’t be able to help the affected users since their data is already shared. However, the social media platform could at least notify them so that they avoid phishing schemes and scams.
“Individuals signing up to a reputable company like Facebook are trusting them with their data and Facebook [is] supposed to treat the data with utmost respect,” Gal said. “Users having their personal information leaked is a huge breach of trust and should be handled accordingly.”
In conclusion, a Facebook executive was once heard saying that “Facebook is too powerful” but the social media platform that banned the president of the United States doesn’t seem to be able to protect its users from data breaches.