It has been revealed that the personal data of 533 million Facebook users from 106 countries have been leaked online. This includes 32 million in the United States, 11 million users in the United Kingdom and 6 million users in India.
Among the data leaked are phone numbers, Facebook IDs, locations, birthdays, occupations, emails and other personal details that not only violate privacy but could also be used by criminal fraudsters for financial gain.
The data leak was revealed on an obscure hacker forum.
It is not believed that all the data is up to date, and is thought to have been stolen in 2019, however, details such as birthdays, email addresses and phone-numbers will be, or likely will be, the same for users now as it was in 2019. Facebook spokespersons say they know about the issue and had patched the vulnerability in 2019.
Alon Gal, who works for cybercrime intelligence firm Hudson Rock, and who uncovered the leak, told Insider magazine:
"A database of that size containing the private information such as phone numbers of a lot of Facebook's users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts."
Gal added:
"Individuals signing up to a reputable company like Facebook are trusting them with their data, and Facebook [is] supposed to treat the data with utmost respect. Users having their personal information leaked is a huge breach of trust and should be handled accordingly."
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
Facebook has long been criticised for failing to protect users. Prior to the Brexit referendum in the United Kingdom, tech data firm Cambridge Analytica scraped the personal details of 80 million people to serve them with political ads that suited their political opinions, and which could then be used to sway them in favour of voting to leave the European Union.
Facebook also came under criticism for failing to clamp down on hate-speech and for allowing fake news to permeate across the site. Prior to the 2016 US presidential election, it was claimed that Russian intelligence officials deliberately tried to cause social fracture.
It is thought that Facebook cannot do much to stop the data from being used, as it is already out there. All they could do is notify the affected individuals, something that is likely to seriously harm the company and possibly affect its stock price and future business model.
[h/t: Insider]
COMMENTS