533 million Facebook users' phone numbers and personal data have been leaked online

pablozi

Level 27
Verified
Trusted
Jun 14, 2011
1,602
9,119
A user in a low level hacking forum has published the phone numbers and personal data of hundreds of millions of Facebook users for free online.

The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users' phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook's password reset feature, which can be used to partially reveal a user's phone number.

The leaked data could provide valuable information to cybercriminals who use people's personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data on Saturday.
 

The_King

Level 11
Verified
Aug 2, 2020
546
5,985
This was not a new hack but an older one that was from 2019
Reached out for comment, Facebook confirmed the leak, which according to the company took place two years ago.

“This is old data that was previously reported on in 2019,” a Facebook spokesperson told The Record. “We found and fixed this issue in August 2019.”
At the time, an attacker abused a vulnerability in the Facebook contacts importer feature to supply the Facebook platform with a list of phone numbers and get a match for existing profiles, allowing the attacker to link random phone numbers to specific users.

The attacker collected data in 2019, until Facebook detected the automated process, and cut off their access.
 

Minimalist

Level 6
Oct 2, 2020
295
2,929
How to check if your info was exposed in the Facebook data leak

Since then, Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member's data was exposed in the leak.
 

venustus

Level 58
Verified
Trusted
Content Creator
Dec 30, 2012
4,745
34,122

The_King

Level 11
Verified
Aug 2, 2020
546
5,985
Yesterday I received a weird friend request on Facebook from I guy I don't know looked at his profile it
was fairly obvious that he was running a crypto scam so blocked him.

Today I get another friend request on FB this time a female, looked at her profile she offers unsecured loans.

Coincidence?


Edit
After checking my email and phone number on haveibeenpwned.com
Looks like my FB details has not been leaked and it maybe was a coincidence after all. :)
 
Last edited:

Correlate

Level 16
Verified
May 4, 2019
724
6,871

plat1098

Level 25
Verified
Sep 13, 2018
1,487
12,935
New website lets you see if your data has been exposed in the recent Facebook leak

This website went dark for now. (haveibeenfacebookedDOTcom)

haveibeenfavebooked.PNG
 
Top