According to a recent report, the world’s most popular social media network Facebook has been hit by a massive data breach. Facebook has over 2.6 billion monthly active users across the globe, and out of those, over half a billion user accounts have reportedly been affected by the data leak.
The database of over 533 million users was spotted on a hacking forum by Hudson Rock’s Chief Technology Officer Alon Gal. A major chunk of the data comes from the United States, which accounts for over 32 million records compromised. Based on screenshots posted by Gal, there seem to be about 28 million affected accounts from Saudi Arabia, 17 million from Colombia, 11 million from the UK, eight million from Brazil, seven million from Australia, and more.
The list compiled from the breach exposes the mobile numbers of millions of Facebook users. Because of this it is possible to look up a Facebook ID and find out the linked phone number for that user, or vice versa. Other personal information such as email, birthdate, geo-location, account creation date, relationship status, and bio also seem to be visible for a majority of the accounts in the database. It goes without saying that this is a goldmine for scammers, marketers, and hackers.
According to Gal, a user from the same forum had created a Telegram bot last year that did the same thing for a small search fee. This didn’t make as many headlines at the time, likely because the information wasn’t easily available, but this time around the data is widely circulated and available for free.
A Facebook spokesperson told Business Insider the vulnerability behind this breach had been patched in 2019. This means the only saving grace for the social media company is that the leaked database is not recent, but that doesn’t mean the information isn’t still relevant. After all, people don’t tend to change their birthdates, addresses, or email addresses often.
Now that the data is out in the open, there not much Facebook can do about it. Users can, however, anticipate and tackle targeted attacks where their personal information might be used for scams. Data breaches have been frequent all across the tech industry as of late, with the studio behind Cyberpunk 2077 being hit by a cyber attack in February.
In the past, breaches for Sony have even resulted in downtime for its PlayStation Network service. Microsoft hasn’t fared much better, as Russian hackers allegedly viewed the company’s source code after the SolarWinds attack. It will be important to watch Facebook to see how it, and other tech companies, respond to such breaches for the future.
Source: Business Insider