533 million Facebook users' phone numbers and personal data have been leaked online


Level 27
Jun 14, 2011
A user in a low level hacking forum has published the phone numbers and personal data of hundreds of millions of Facebook users for free online.

The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users' phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook's password reset feature, which can be used to partially reveal a user's phone number.

The leaked data could provide valuable information to cybercriminals who use people's personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data on Saturday.


Level 8
Aug 2, 2020
This was not a new hack but an older one that was from 2019
Reached out for comment, Facebook confirmed the leak, which according to the company took place two years ago.

“This is old data that was previously reported on in 2019,” a Facebook spokesperson told The Record. “We found and fixed this issue in August 2019.”
At the time, an attacker abused a vulnerability in the Facebook contacts importer feature to supply the Facebook platform with a list of phone numbers and get a match for existing profiles, allowing the attacker to link random phone numbers to specific users.

The attacker collected data in 2019, until Facebook detected the automated process, and cut off their access.


Level 6
Oct 2, 2020
How to check if your info was exposed in the Facebook data leak

Since then, Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member's data was exposed in the leak.


Level 58
Content Creator
Dec 30, 2012


Level 8
Aug 2, 2020
Yesterday I received a weird friend request on Facebook from I guy I don't know looked at his profile it
was fairly obvious that he was running a crypto scam so blocked him.

Today I get another friend request on FB this time a female, looked at her profile she offers unsecured loans.


After checking my email and phone number on haveibeenpwned.com
Looks like my FB details has not been leaked and it maybe was a coincidence after all. :)
Last edited:


Level 16
May 4, 2019


Level 25
Sep 13, 2018
New website lets you see if your data has been exposed in the recent Facebook leak

This website went dark for now. (haveibeenfacebookedDOTcom)