Low-level hacking forum users leaked more than 533 million personal data of Facebook users for free online from 106 countries, including 32 million US users, 11 million UK users and 6 million Indian users.
According to the Business Insider report, the breach includes user’s phone numbers, Facebook IDs, birthdays, locations, full names, bios, and in some cases, email addresses.
Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.Business Insider
“This is old data that was previously reported on in 2019,” A Facebook spokesperson wrote in an email. “We found and fixed this issue in August 2019.”
Even if the data is a couple of years old, that data can still provide valuable information to cybercriminals, who use people’s personal information to imitate them or scam them into handing over their login credentials, according to Alon Gal, chief technology officer at cybercrime intelligence firm Hudson Rock, who first discovered the leaked data online Saturday.
At the time, the company addressed a flaw in its technology that allowed information to leak out. However, once that data escapes from the Facebook network, the company has limited power to prevent it from spreading online.