Facebook made the headlines again and, as many might have guessed, it’s not good news. A database that held IDs and personal phone numbers of more than 267 million users was discovered on the internet. The leaked information was discovered by Bob Diachenko, security researcher, in partnership with Comparitech. Clues suggest that it was all gathered through an illegal scraping process or some sort of API abuse done by Vietnamese criminals.
Who was affected?
According to Comparitech, a total of 267,140,436 sets of personal information were exposed. The database appears to have been posted on a hacker forum where everybody was granted access to it for almost two weeks. It contained unique IDs of Facebook users, their full names, timestamps and other information. According to Diachenko, most of them check out as valid. He also observed that the vast majority of these belong to American users.
What’s the danger of having your data exposed?
The information that was made public can be misused in a pretty diverse set of ways. Phone numbers can be used in spam or phishing but also for SIM hijacking, meaning that hackers can take control of an existing phone number or SIM card.
There is no official number of affected users yet, but Facebook is undergoing investigations regarding the incident: “We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people’s information,” a spokesperson of the company stated.