- A voluminous database containing the details of over 533 million Facebook accounts is being shared for free.
- This is the same database that was privately sold a couple of months ago on Telegram groups.
- Facebook says the data was harvested two years ago and that the exploited flaw has been fixed.
Researchers at ‘Under the Breach’ have discovered and reported a massive new Facebook user data leak, posted on a popular hacking forum over the weekend. Unfortunately, the data appears to be valid and real, and it is shared for free with anyone who is a member of the forum. The pack contains 533 million records, corresponding to an equal number of Facebook accounts.
This is the same database that was used at the start of the year by a cybercriminal who set up a Telegram bot and allowed people to query specific user IDs and phone numbers. Back then, the data was sold for $20 per lookup, so it’s possible that the actors have milked the database as much as they could, and it’s now leaked for free. Still, the consequences for Facebook users are dire, as we’re talking about 18.5% of the social media platform’s entire userbase.
First of all, you should check whether you’re included in the recently published database by using ‘haveibeenpwned.com’. Just enter the email address you use on your Facebook account and click on “pwned?”. If you get a positive result, consider the following details compromised:
- User ID
- Phone number
- Email address
- Name
- Gender
- Date of Birth
- Location
- Relationship Status
- Employer
Not all of the above is available for every record, but you should still treat all of it as leaked, out of an abundance of caution. Obviously, not everything can be changed or reset, but you can at least take the following steps to keep the negative effects on your account’s security to a minimum.
- Reset your Facebook account password.
- Change your 2FA number or pick a different method like an authenticator app.
- Treat all incoming SMS and email messages with extra care, especially if they contain links.
If you receive any emails informing you of this breach and urging you to take steps to protect your account, consider them phishing. Facebook has not sent out any notices of this kind yet, so only scammers are distributing messages of this kind at the moment.
As for how the social media company responded to this news, it simply said that this is the same dataset that was harvested back in 2019 by exploiting a bug that has since been closed. Having fixed the problem, though, doesn’t make the incident any less damaging for the users. Facebook should have taken more aggressive security steps, such as proactively identifying the affected accounts and helping their owners protect them.