533 million Facebook users' phone numbers and personal sensitive information have been leaked online
The data includes phone numbers, full names, location, email address, and biographical information. Security researchers warn that the data could be used by hackers to impersonate people and commit fraud.
Hundreds of millions of Facebook users phone numbers, full names, location, email address, and biographical information are published on Saturday in a hacking forum.
The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, 6 million on users in India and 3 million users in Bangladesh. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.
We verified the data by testing email addresses from the data set in Facebook's password reset feature, which can be used to partially reveal a user's phone number.
A Facebook spokesperson told Insider that the data was scrapped due to a vulnerability that the company patched in 2019. While a couple of years old, the leaked data could provide valuable information to cybercriminals who use people's personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the entire trough of leaked data online on Saturday.
Tweet: All 533,000,000 Facebook records were just leaked for free.
All 533,000,000 Facebook records were just leaked for free.— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
- The data includes phone numbers, full names, location, email address, and biographical information.
- Security researchers warn that the data could be used by hackers to impersonate people and commit fraud.