Have you changed your Facebook password lately? If you haven’t, you may want to change it – security researchers reported a massive data breach exposing the phone numbers and personal details of millions of users.
The exposed data consists of personal details of more than 533 million Facebook users from 106 countries, including 32 million records of US users, 11 million records of UK users, and 6 million records of Indian users.
533 Million Facebook Profiles Leaked
The leaked information includes phone numbers, Facebook IDs, full names, locations, biographies, birthdates, and in some cases email addresses.
The data breach was possible due to a vulnerability addressed by Facebook in 2019. Despite being two-years old, the leaked Facebook details could be exploited by hackers in various scenarios. Affected users could be impersonated and scammed.
The massive leak was discovered by Alon Gal, CTO of cybercrime intelligence company Hudson Rock. “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” the researcher said.
The leak was discovered in January this year, when a user in the hacking forum where the data is shared, advertised an automated bot that could provide the phone numbers of millions of Facebook users. The service was paid, and its legitimacy was confirmed by Motherboard.
The massive dataset is now available for free on the said hacking forum, making hundreds of millions of Facebook users vulnerable to various hacking threats.
We recommend you to change your Facebook password immediately.
Previous Facebook Hacking Incidents
In 2019, hackers compromised 81,000 Facebook accounts and published thousands of private messages. The majority of the users whose private messages and perhaps other details were compromised were based in Russia and Ukraine, as well as the UK, Brazil and other, undisclosed locations.
According to the BBC, the hackers offered to sell access for 10 cents per account. Security researchers confirmed that 81,000 of the breached Facebook profiles contained private messages. Details from additional 176,000 accounts were also made available.