Data on more than 553 million Facebook users was released on Saturday. Facebook data is leaked for free by hackers on hacking forums and includes details such as phone numbers and other personal information. The personal information of millions of users from 106 countries including India has released.
The data displayed includes details such as phone numbers, Facebook IDs, full names, locations, birth dates, biographical information, and even email addresses of some users.
There are more than 32 million accounts in the US, 11 million in the UK, and 6 million in India, according to a Business Insider report.
A Facebook spokesperson said the leak had removed due to a security issue the company fixed in 2019. In 2019, a vulnerability discovered that could wipe the phone numbers of millions of users from Facebook’s servers.
The social media giant said the vulnerability fixed in August 2019.
Although the leaked information is several years old, it could provide valuable information for cybercriminals, said Alon Gal, technical director of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data online on Saturday.
Some of the data appears to be up-to-date while several leaked phone numbers belong to Facebook account holders.
Reason behind data leakage
The leakage news came spotted in January when a user advertises an automatic algorithm. This could provide phone numbers of the users on the price.
The entire data set now published online for free. This will make it easy for anyone with a basic understanding of the data to access.
According to Gal, there isn’t much Facebook can do at this stage apart from letting users know that their data is open so they can stay alert going forward.
Gal said that people who sign up for well-known companies like Facebook must trust their information.
Facebook should treat them with great respect. Leaking of consumer information is a major breach of trust and must be handled appropriately, he said.
Facebook has long restricted developer access to users’ phone numbers. The company also made it difficult to find a friend’s phone number.
However, the data appears to have loaded into an open database late last month – although that doesn’t mean it’s new.
The presence of this latest data is the most recent example of data store online and publicly without a password.
While data exposure is often the result of human error rather than a malicious breach. It is still an emerging security issue.