A leaker says they are offering information on more than 500 million Facebook users - including phone numbers and other data - virtually for free. The database has been online since last June.
Alon Gal, co-founder of Israeli cybercrime intelligence firm Hudson Rock, said on Saturday the database appears to be the same set of Facebook-linked telephone numbers that have been circulating in hacker circles since January and whose existence was first reported by tech publication Motherboard.
"If you have a Facebook account, it is extremely likely the phone number used for the account was leaked," Gal tweeted.
According to the CyberNews investigation team, this database has been for sale on the same forum since last June. A few days ago, a Telegram bot was created to allow people to query the database for a couple of dollars, practically for free.
- Keep your online connection secure with the best VPNs in 2021
- Choose the top website builder to build your business or personal site in no time
- Host your website with one of the best web hosting providers hand-picked by our team
The database has entries from 106 countries and includes names, mobile numbers, few email addresses, genders, occupations, locations, and marital statuses.
The US and the UK are among the most affected countries, with 32M and 11,5M Facebook users’ data leaked, respectively.
Experts have been raising red flags long before this incident, claiming that this privacy issue was severely under-reported. Security experts warn that leaked data could be used not only for marketing purposes but also for impersonating people and committing fraud.
To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.
An attempt by Reuters to reach the leaker over the messaging service Telegram was not immediately successful. Facebook did not return messages seeking comment.
Motherboard's story earlier this year cited Facebook as saying the leaked data appeared to be the fruit of a bug that the company fixed in August 2019.
Gal told Reuters that Facebook users should be alert to "social engineering attacks" by people who may have obtained their phone numbers or other private data in the coming months. News of the latest leak was first reported by Business Insider.
Facebook has long been criticized for allowing third parties to scrape or collect user data, with Cambridge Analytica being the most prominent and scandalous example.