Malicious actors are claiming that they’ve structured and cleaned data stolen during a 2019 Facebook data scrape. The Cybernews research team notes that old data remains useful to cybercriminals, as personal information doesn’t expire.
The attackers shared their claims in a post on a popular data-leak forum used to exchange often illegally obtained data. They’ve supposedly curated over half a billion records from the Meta-owned social network Facebook, stolen during the 2019 data scrape.
“The 2019 Facebook is a nightmare to parse, and people give up or make compromises over faulty data. Encodings changing in the middle of a file, random characters popping up in the middle of a line, unescaped breaklines, faulty lines, inconsistent contents across countries. I fixed it all,” the post’s author said.
Facebook suffered a data breach in the first half of 2019, with attackers sharing detailed profile information, including virtually all personally identifiable information (PII) that users submit to create an account on the platform.
The Cybernews research team investigated the data sample that the post’s author attached. The sample, limited to 50 records, includes personal details such as:
- Full names
- Phone numbers
- Profile URLs
- Approximate living locations
Details revealed in the Facebook data leak sample correlate with information leaked in the 2019 breach. The team could not confirm if the attacker actually possesses 500 million Facebook records.
The question is, why would attackers spend time and effort to curate data that’s at least six years old? The team explained that even though the data breach is old, time affects different types of records differently.
The Cybernews community is talking about this. Be a part of the conversation.
According to the team, unlike payment cards or passwords, PII doesn’t have a time limit. Users rarely change email or home addresses, and full names are nearly never swapped for something more recent. Cybercrooks can still exploit leaked details, even after the post-attack dust has settled.
Anything from identity theft and fraud to social engineering and targeted phishing is still possible with records that are several years old. Moreover, old data can be beneficial to malicious actors, as the accounts of deceased users can be weaponized.
“When a person passes away, their digital footprint, such as emails or other account information, can be used to set up throwaway accounts. Their phone numbers can be reassigned for other people and exploited again,” the team explained.
Malicious actors also combine multiple data leaks, allowing them to develop a very detailed picture of a person. For example, if several data leaks involve the same email address, scammers can use it as a core, around which other details are added.
Moreover, the post’s author clustered the data according to the exposed individuals’ locations, which allows scammers to pick their targets by country. That way, they can craft location-specific phishing emails that may involve the use of a local language.
In 2019, independent cybersecurity researchers discovered an unprotected database that houses what appeared to be scraped details of over 500 million Facebook users. Malicious actors utilize automated software to take public information from popular platforms en masse.
Earlier this year, attackers claimed to have leaked a 1.2 billion Facebook user record database after abusing one of the social media platform‘s application programming interfaces (APIs).
Another major platform to suffer from scrapers was LinkedIn. In 2021, attackers attempted to sell over 600 million records lifted from the professional social networking platform.
Unlock exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked