The personal data belonging to more than half a billion Facebook users has been published for free on an online hacking forum. The compromised data constitutes the personal information of an estimated 533 million users operating in 106 countries across the world.
Investigators have intimated that 32 million records have been linked to US-based users, 11 million accounts from the UK, and the Indian user base being associated with 6 million of the breached accounts.
Generally, it turns out that the personal information that has been compromised constitutes Facebook IDs, cellphone numbers, full names, location data, birthdates, personal bios, and email addresses.
According to a review that was conducted by the Business Insider, the leaked personal data was confirmed to belong to actual Facebook accounts. The media outfit conducted a study on a sample of the compromised data and verified numerous records by successfully linking known users’ cellphone numbers with the Facebook IDs captured by the data set.
In addition, the records were verified by running Facebook password reset tests using email addresses from the data set – the tests could be used to partially expose actual phone numbers belonging to the affected Facebook users.
The latest data breach was first discovered by Alon Gal, Chief Technical Officer of the cyber intelligence organization Hudson Rock, who encountered the data set after it was leaked online.
According to Gal, a database constituting such a massive scale of compromised user data – including phone numbers belonging to actual users – would enable hackers to launch social engineering attacks against targets.
Gal first came across the compromised data in January 2021 when a user in a hacking forum made a post about an automated bot that would supply the cellphone numbers belonging to millions of Facebook users. The user was seeking to sell the leaked data.
Around the same time, a VICE News article had captured the story on the bot’s existence, and had gone ahead to confirm the legitimacy of the advertised data.
Today, the whole dataset is being placed on the same hacking platform for free.
Is Your Facebook Account Safe?
Considering that Facebook has attributed the recent data leak stems from a 2019 cyber issue that has since been rectified, the lingering question in every Facebook user’s mind is whether their account is safe.
Although the compromised data may be a few years old, the information may empower cybercriminals that engage people’s personal information to impersonate, scam and cunningly obtain login credentials from unsuspecting targets.
Looking back, the massive cyber event caused unprecedented data losses – an excess of 30 million accounts in the U.S. were compromised yet the social media giant has never made it easy for individual users rule out inclusion of their data in the breach.
Nonetheless, a third party web platform, haveibeenpwned.com, provides a pretty simple solution for anyone looking to ascertain whether their account was affected. The way this works, a user can input their email address to the website to check whether it forms part of the several millions of emails that were stolen by hackers.
Otherwise, the biggest catch to this method lies in the category of data that was stolen by threat actors. While hackers breached a staggering 533 million Facebook accounts, it turns out that only 2.5 million of said accounts were linked to emails included in the stolen data.
Thus, as a Facebook user looking to gain your peace of mind, you may have less than 0.5 percent chance of finding your account on the online checker – despite the fact that there is a significantly high chance that your Facebook chance was captured by the massive data breach.
The personal data belonging to more than half a billion Facebook users has been published for free on an online hacking forum. The compromised data constitutes the personal information of an estimated 533 million users operating in 106 countries across the world.
Investigators have intimated that 32 million records have been linked to US-based users, 11 million accounts from the UK, and the Indian user base being associated with 6 million of the breached accounts.
Generally, it turns out that the personal information that has been compromised constitutes Facebook IDs, cellphone numbers, full names, location data, birthdates, personal bios, and email addresses.
According to a review that was conducted by the Business Insider, the leaked personal data was confirmed to belong to actual Facebook accounts. The media outfit conducted a study on a sample of the compromised data and verified numerous records by successfully linking known users’ cellphone numbers with the Facebook IDs captured by the data set.
In addition, the records were verified by running Facebook password reset tests using email addresses from the data set – the tests could be used to partially expose actual phone numbers belonging to the affected Facebook users.
The latest data breach was first discovered by Alon Gal, Chief Technical Officer of the cyber intelligence organization Hudson Rock, who encountered the data set after it was leaked online.
According to Gal, a database constituting such a massive scale of compromised user data – including phone numbers belonging to actual users – would enable hackers to launch social engineering attacks against targets.
Gal first came across the compromised data in January 2021 when a user in a hacking forum made a post about an automated bot that would supply the cellphone numbers belonging to millions of Facebook users. The user was seeking to sell the leaked data.
Around the same time, a VICE News article had captured the story on the bot’s existence, and had gone ahead to confirm the legitimacy of the advertised data.
Today, the whole dataset is being placed on the same hacking platform for free.
Is Your Facebook Account Safe?
Considering that Facebook has attributed the recent data leak stems from a 2019 cyber issue that has since been rectified, the lingering question in every Facebook user’s mind is whether their account is safe.
Although the compromised data may be a few years old, the information may empower cybercriminals that engage people’s personal information to impersonate, scam and cunningly obtain login credentials from unsuspecting targets.
Looking back, the massive cyber event caused unprecedented data losses – an excess of 30 million accounts in the U.S. were compromised yet the social media giant has never made it easy for individual users rule out inclusion of their data in the breach.
Nonetheless, a third party web platform, haveibeenpwned.com, provides a pretty simple solution for anyone looking to ascertain whether their account was affected. The way this works, a user can input their email address to the website to check whether it forms part of the several millions of emails that were stolen by hackers.
Otherwise, the biggest catch to this method lies in the category of data that was stolen by threat actors. While hackers breached a staggering 533 million Facebook accounts, it turns out that only 2.5 million of said accounts were linked to emails included in the stolen data.
Thus, as a Facebook user looking to gain your peace of mind, you may have less than 0.5 percent chance of finding your account on the online checker – despite the fact that there is a significantly high chance that your Facebook chance was captured by the massive data breach.
