More than 533 million personal data from user accounts have been leaked to Facebook, and there are 11 million Spanish accounts affected.
When you open an account on a social network such as Facebook, you accept all its terms and conditions, and at the same time you are transferring much of your personal data so that it can be used by the company itself or even by its partners for different issues, but also These personal data run the risk that, due to some oversight or bad practice, they will reach the reach of cybercriminals, as has happened now.
It is paradoxical that Facebook has not learned anything in recent years after the Cambridge Analytica scandal and other personal data leaks that have taken place, and now the security breach reaches to 533 million accounts of the partner networkl.
It was all discovered late on Saturday, when a user of a low-profile hacking forum posted phone numbers and personal details of millions and millions of Facebook users, now visible to onlookers on the dark web.
If someone “hacks” your Facebook account, the first thing they will probably do is change your password and prevent you from entering. But, what if it doesn’t and is dedicated to spying on your Facebook account? Here we show you how to know if someone has entered your Facebook account.
Specifically, the exposed data includes personal data of more than 533 million users. from up to 106 different countries, including more than 32 million US users, more than 19 million French users, more than 11 million UK users and almost 11 million records from Spain.
The leaked data includes phone numbers, Facebook identifiers, full names, locations, dates of birth, biographies, and in some cases email addresses.
Business Insider has reviewed a sample of this leaked data by verifying various records by matching phone numbers of Facebook users against the identifications listed in the dataset. They have also managed to verify email address records in Facebook’s password reset feature. All this leaked data could make it easier for cybercriminals in the future use social engineering practices to gain access to much more sensitive data such as banking.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
– Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
The Chief Technology Officer of the cybercrime intelligence firm Hudson Rock, Alon gal, was the first to discover the data breach late on Saturday. Speaking to Business Insider, Gal explains that “a database of that size containing private information such as the phone numbers of many Facebook users would certainly lead to criminals exploiting the data to carry out social engineering attacks or attempted hacking ”.
Since January there were already clues of this data leak, since Alon Gal discovered in that same hacking forum the sale of an automated bot that could provide the telephone number of hundreds of millions of Facebook users.
It is not the first time that Facebook has faced a security issue of this magnitude, given that in 2019 a vulnerability was discovered that allowed the phone number of millions of people to be extracted from Facebook’s servers, violating its terms of service .
We give you some tips to download any Facebook video from all your devices and without the need for other applications.
Further back in time, with the Cambridge Analytica scandal, Facebook had pledged to take action against massive data mining.
Gal notes that Facebook “cannot do much about this to help users affected by this security breach”, although they should notify them directly so that they are aware of possible phishing attacks or fraud against their personal data.
It clarifies that people who register with a reputable company like Facebook “trust them with their data and Facebook is supposed to treat it with the utmost respect. This leak of users’ personal information is a huge breach of trust and must be dealt with accordingly, ”he adds.