Hackers have published phone numbers and personal data of over 533 million Facebook users.
The data includes Facebook IDs, full names, locations, birthdates, bios, and – in some cases – email addresses from 106 countries including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
Business Insider Africa reports that the data was scraped due to a vulnerability that the company patched in 2019.
The leak was discovered in January when a user in a hacking forum advertised an automated bot that could provide phone numbers for hundreds of millions of Facebook users in exchange for a price.
However, the data has now been posted on the forum for free, exposing the users to cyber-criminals who could use the data to compromise their accounts, or even steal from them.
Bad actors will certainly use the information for social engineering, scamming, hacking and marketing. I have yet to see Facebook acknowledging this absolute negligence of your datatweeted Alon Gal.
Gal is the co-founder of an Israeli cybercrime intelligence company called Hudson Rock, who flagged the release of the Facebook data Saturday.
In 2016, Cambridge Analytica scraped the data of 80 million users in violation of Facebook’s terms of service to target voters with political ads in the 2016 election in US.
According to Facebook spokeswoman Liz Bourgeois, the data involved “old data that was previously reported on in 2019.”
We found and fixed this issue in August 2019Bourgeois wrote.
Gal told The Washington Post that the leaked database was previously sold for tens of thousands of dollars and then circulated, selling for lower prices until it finally was offered at no charge.