Personal data, including full names, phone numbers, email addresses, birth dates locations, and biological data of 533 million Facebook users from 106 countries have become publicly available for free online.
Over half a billion people around the world could soon find themselves the targets of a variety of scams after personal data hacked from Facebook has now been made widely available on the Internet.
The data of 533 million Facebook users from 106 countries that was originally breached in 2019 and sold online, has now become made freely available and accessible to the public online.
The information that can be gathered from the exposed data includes phone numbers, full names, Facebook IDs, locations, birthdates, bios, and in some cases – email addresses, Business Insider reported.
The hacked information being made available was first flagged by Alon Gal, CTO of Israeli-based cybercrime intelligence firm Hudson Rock, who reported the size and scope of the breach, as well as what information was taken and the potential risks.
Gal tweeted: “All 533,000,000 Facebook records were just leaked for free. This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked. I have yet to see Facebook acknowledging this absolute negligence of your data.”
“Details include: Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.”
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” Gal tweeted.
“Social engineering involves getting access to people’s confidential information by gaining their trust rather than overcoming technical barriers, for example, by impersonating a tech support person,” the Washington Post reported.
According to Business Insider, Gal said, “While a couple of years old, the leaked data could provide valuable information to cybercriminals who use people’s personal information to impersonate them or scam them into handing over login credentials.”
A spokesperson for Facebook downplayed the wide dissemination of the data publicly calling it “old data.”
“This is old data that was previously reported on in 2019,” wrote spokesperson Liz Bourgeois, who works in Facebook’s Communications department. “We found and fixed this issue in August 2019.”
Facebook is referring to a vulnerability that allowed the information to be scraped from a database, the social media company fixed in 2019.
But these comments ignore the fact that whether the data itself is old or not, some things never change – like the name of the affected user, for example. Many people may have not changed their phone numbers, email addresses, location or information in their personal bios. If none of these things have changed, then it doesn’t matter how old the data itself is, if it is accurate, is a big problem for the user who is now vulnerable to hackers.
Facebook has had a history of data breaches. Mark Zuckerberg took out a full-page advertisement in the New York Times in March 2018 about another data breach that occurred. One of the most notable was the incident involving political firm Cambridge Analytica which accessed information of up to 87 million Facebook users without their knowledge or consent, Wish TV reported.