533 million Facebook users' phone numbers and personal data have been leaked online

enaph

Level 28
Thread author
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
A user in a low level hacking forum has published the phone numbers and personal data of hundreds of millions of Facebook users for free online.

The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.

Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users' phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook's password reset feature, which can be used to partially reveal a user's phone number.

The leaked data could provide valuable information to cybercriminals who use people's personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data on Saturday.
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
This was not a new hack but an older one that was from 2019
Reached out for comment, Facebook confirmed the leak, which according to the company took place two years ago.

“This is old data that was previously reported on in 2019,” a Facebook spokesperson told The Record. “We found and fixed this issue in August 2019.”
At the time, an attacker abused a vulnerability in the Facebook contacts importer feature to supply the Facebook platform with a list of phone numbers and get a match for existing profiles, allowing the attacker to link random phone numbers to specific users.

The attacker collected data in 2019, until Facebook detected the automated process, and cut off their access.
 

Minimalist

Level 9
Verified
Well-known
Oct 2, 2020
439
How to check if your info was exposed in the Facebook data leak

Since then, Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member's data was exposed in the leak.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
I did use Facebook a couple of years ago (no longer) but an email I no longer use & I 'think' a different phone number - Facebook seem to be shrugging this of as no consequence, the story is getting on major news sites though.
 

Venustus

Level 59
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
Yesterday I received a weird friend request on Facebook from I guy I don't know looked at his profile it
was fairly obvious that he was running a crypto scam so blocked him.

Today I get another friend request on FB this time a female, looked at her profile she offers unsecured loans.

Coincidence?


Edit
After checking my email and phone number on haveibeenpwned.com
Looks like my FB details has not been leaked and it maybe was a coincidence after all. :)
 
Last edited:

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801

plat

Level 29
Top Poster
Sep 13, 2018
1,793
New website lets you see if your data has been exposed in the recent Facebook leak

This website went dark for now. (haveibeenfacebookedDOTcom)

haveibeenfavebooked.PNG
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top