Facebook Hack Leaks Millions Of Private User Data
The names and phone numbers of up to 267 million Facebook users have been leaked online.
The private information was shared to a popular online forum frequented by hackers, which was discovered by cybersecurity firm Comparitech in collaboration with security researcher Bob Diachenko.
While researchers are yet to establish how the database was created, they believe the operation could be run out of a criminal network in Vietnam.
It’s possible that the database was compiled illegally through ‘scraping’ – a process where public information stored on the internet (or in this case, Facebook) is compiled and distributed online.
Another possibility is that the data was leaked through a Facebook tool called API, which gave third-party developers access to user information in order to create Facebook applications. However, API stopped giving access to user phone numbers in 2018.
The illegal database was entirely open to the public and was not password protected before it was taken down on 19 December, after Diachenko flagged the leak to the internet service provider managing the IP address.
Diachenko also believes the database was accidentally set public, leaving it vulnerable to being detected and therefore, removed.
Facebook users are now being cautioned to act with vigilance if they receive unknown or private phone calls and text messages, as their information could now be used for scams or phishing campaigns.
It’s the latest scandal coming at the end of a tumultuous year for Facebook, after months of being scrutinised for data and privacy breaches, proliferation of misleading and fake news and accusations of failing to act on political interference.