Personal data of 533 million Facebook users has been leaked online, including data of Facebook CEO Mark Zuckerberg. This data includes email addresses, phone numbers, birthdates, relationship statuses, location information, and more. As per the social network, this data was scraped using a vulnerability that was fixed back in 2019, but the information has only surfaced now.
Personal information of 533 million Facebook users leaked online
The data is available for free, and there are chances that the data of most Facebook users would be included in this data dump. The database has detailed information of each user that was impacted by the leak, and so far Facebook has not issued any public statement or notified affected users.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
Ever since the Cambridge Analytica scandal, Facebook had said that it will ensure that third parties will not be able to scrape information from its social network anymore. However, this breach seems to have taken place a few years after the scandal. The irony is that even Facebook’s CEO Mark Zuckerberg, who is conscious of his own privacy, has been impacted by this data breach. Security researchers have been able to find his email, phone number, and other personal information in the database.
Although Facebook has not provided any detailed explanation so far, early impressions show that they have been caught on the back foot, once again. The below tweet by Liz Bourgeois from Facebook comms shows that the company has yet to realize how much of a mess this data breach is. When it comes to location tracking, phone numbers, email addresses, birthdates, and more, there is no “old data”.
This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019. https://t.co/mPCttLkjzE
— Liz Bourgeois (@Liz_Shepherd) April 3, 2021
Now that this database is in the public, for free, the repercussions will be far-reaching as malicious actors will use the information for phishing and social engineering attacks. There is no easy way out of this like changing your password and enabling 2FA, as the data is out there and there’s no way to undo it.
I’ve had a heap of queries about this. I’m looking into it and yes, if it’s legit and suitable for @haveibeenpwned it’ll be searchable there shortly. https://t.co/QPLZdXATpt
— Troy Hunt (@troyhunt) April 3, 2021
To check if your Facebook account and data were part of this breach, you can go to Firefox Monitor and enter your email address. Make sure to be aware of any emails or messages from unreliable sources too.
1 comment