Millions of Facebook Users Phone Number Leaked Online
Huge database of Facebook Users Phone number associated with account leaks online
According to the TechCrunch report, it was a passwordless server which was available for publicly accessible. The server contains 133 million records from U.S.-based Facebook users, 18 million records from users in the UK, and 50 million records on users in Vietnam.
The exposed data contained the Facebook unique profiles ID along with the phone numbers associated with the accounts.
Now Facebook have restricted the access to phone numbers more than a year ago, so the database that was found may be older than that.
But then also a big question arises is Who scraped these data? and Why?
Initially database was originally found by security researcher Sanyam Jain, who said that he was able to locate phone numbers associated with several celebrities. It's not clear who owned the database nor where it originated from. So he contacted TechCrunch for verification.
TechCrunch was able to verify multiple records in the database by matching a known Facebook user's phone number against a listed Facebook ID. Other records were verified by matching phone numbers with Facebook's password reset feature, which can be used to partially reveal a phone number linked to an account.
After contacting to the Facebook, company spokesperson said that the data had been scraped prior to when Facebook cut off access to phone numbers, calling the dataset "old."
"This dataset is old and appears to have information obtained before we made changes last year to remove people's ability to find others using their phone numbers," the spokesperson said. "The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised."This was the latest security lapse of Facebook users data after Cambridge Analytica scandal, which saw more than 80 million profiles scraped.
For this data breach Facebook was also fined for $5 Billion to settle the scandal.