The data of users from a popular Social Media – Facebook was recently published for free in a low-level hacking forum on Saturday. The data breach includes phone numbers, Facebook usernames, and other personal data like birthdates, full names, locations, and many more.
The published data includes the details of users from all over the world. The highest number of leaked data is from the US counting it to 36 Million Facebook users, 11 Million users in the UK, and 6 Million users in India. Altogether, the data breach includes overall user data from 106 countries around the world.
Upon reviewing the published data, it was found that the data were real and authentic. Some emails and phone numbers on Facebook would show the same personal details in the breached list. Facebook allows us to preview our user profile partially through the password reset feature if we insert an email ID or just a phone number.
The leaked data was discovered by Alon Gal, a CTO of cybercrime intelligence firm Hudson Rock on Saturday.
Gal says, “the data leak could provide valuable information to cybercriminals who use people’s personal information to impersonate or scam them into giving their passwords or credentials information.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Gale further adds in his report.
Before this data breach of Facebook, Alon first encountered the bot, that could provide phone numbers of 533 Million Facebook users for an exchange of price in January. It was also proved that the data from the bot was legitimate which was confirmed by the Motherboard.
Today, anyone who imposes elemental data skills can get access to the data sources for free that have been posted in the hacking forum.[ For some security issues, we cannot provide the link of that hacking forum]
Things like this tend to happen in the future as much as they happened in past or now. As per Business Insider, a Facebook spokesperson told that the data was scraped from a vulnerability that the company already patched in 2019. The vulnerability allowed millions of people’s phone numbers to be scraped from Facebook servers.
How to get protected from scams?
As the data is already out there, there’s no such thing we can do to hide from that. And yeah from Facebook too. So, instead of worrying about what you can do now, you can now focus on how to avoid getting pished now.
Hackers use a phishing link and put some irresistible offers that will draw them towards you. In the meantime, they will make you log in, to some systems and save your credentials.
In the meantime, you can check if your email address is included in the data breaches by visiting Have I Been Pwned. They have emails from thousands of data breaches. So if your email has ever been in data breaches, you are most likely to see your email in the red list.