553 million Facebook users’ personal information leaked


    Tencent technology news on April 4: on Saturday, a hacker forum user released hundreds of millions of Facebook user data, including phone numbers and other personal information, for free on the Internet.
    The leaked data included personal information of more than 533 million Facebook users from 106 countries and regions, including more than 32 million user records in the United States, 11 million user records in the United Kingdom and 6 million user records in India. The data includes a user’s phone number, Facebook ID, full name, location, date of birth, resume and, in some cases, email address.
    The U.S. media has reviewed samples of the leaked data and verified several records by matching the phone numbers of known Facebook users with the IDS listed in the dataset. In addition, they verified the record by testing the email address set in Facebook’s password reset function, which can be used to partially display a user’s phone number.
    A Facebook spokesman said the data was erased because the company fixed a security vulnerability in 2019.
    Alon gal, chief technology officer of Hudson rock, a cyber crime intelligence company, said that although it is only a few years old, the leaked data may provide more valuable information for cyber criminals who use people’s personal information to impersonate them or cheat them into handing over their login credentials. On Saturday, he first discovered the full Facebook leak on the Internet.
    “A database of this size contains a lot of personal information about Facebook users, such as phone numbers, which will definitely lead to criminals using this data,” Gale said
    Gal found a small amount of leaked Facebook user data on the same hacker forum in January this year, when a user was promoting an automatic chat robot that would exchange money by providing phone numbers of hundreds of millions of Facebook users. At that time, other media also reported the existence of the robot and verified the validity of the data.
    This is not the first time that a large number of Facebook users’ phone numbers have been exposed on the Internet. Security vulnerabilities discovered in 2019 allow millions of people’s phone numbers to be stolen from Facebook’s servers, despite violating Facebook’s terms of service. Facebook said the vulnerability was fixed in August 2019.
    Facebook has vowed to crack down on massive data theft after Cambridge analytics violated Facebook’s terms of service by stealing data from more than 80 million users in order to launch political ads to voters in the 2016 election.
    From a security point of view, there’s nothing Facebook can do to help the affected users because their data is already public, Gal said. But he added that Facebook can notify users so they can stay alert and prevent people from using the personal data for phishing or other online fraud.
    “Users who sign up to a reputable company like Facebook usually trust the company to ensure the security of their data, and Facebook should respect and process that data to the greatest extent,” gal said. The disclosure of users’ personal information is a great harm to this trust, and Facebook should give priority to it as soon as possible. ” (Tencent technology reviser / Jinlu)