The personal data of more than 533 million users of the social network Facebook were posted on the hacker forum.
According to him, the information of users from 106 countries of the world was in the public domain, including the accounts of 32 million US residents, 11 million British citizens and 6 million Indian residents. Full names, dates of birth and biographies of users, as well as their real location, mobile numbers, and, in some cases, email addresses were posted on the forum.
Elon Gal, CTO, Hudson Rock: “A database of this size, containing personal information such as the phone numbers of many Facebook users, is likely to lead to a situation in which attackers can use this information to use social engineering attacks or to try to hack. ".
As previously reported , in February 2021, a database of Facebook users, containing more than 370 million lines, was published in the public domain. It consisted of 108 text files, each of which contains data from a particular country.
The recently published database contains more complete information. In this version of the base, there are countries such as Afghanistan, Syria, Iraq, etc., which were absent in the smaller version. In addition, for many countries there are significantly more entries in this version.
Facebook confirmed the leak, which according to the company took place two years ago.
“This is old data that was previously reported on in 2019, We found and fixed this issue in August 2019.”- Facebook Noted.
At the time, an attacker abused a vulnerability in the Facebook contacts importer feature to supply the Facebook platform with a list of phone numbers and get a match for existing profiles, allowing the attacker to link random phone numbers to specific users.