
533 million Facebook users’ phone numbers leaked on hacker forum



The mobile phone numbers and other personal information for approximately 533 million Facebook users worldwide have been leaked on a popular hacker forum for free.

The stolen data first surfaced on a hacking community in June 2020 when a member began selling the Facebook data to other members. What made this leak stand out was that it contained member information that can be scraped from public profiles and private mobile numbers associated with the accounts.

The initial sale of Facebook data in June 2020
Source: BleepingComputer

The sold data included 533,313,128 Facebook users, with information such as a member’s mobile number, Facebook ID, name, gender, location, relationship status, occupation, and email addresses.

From samples of the Facebook data seen by BleepingComputer, almost every user record contains a mobile phone number, a Facebook ID, a name, and the member’s gender.

Below is a small sample of USA records showing the redacted mobile numbers beginning with New York’s 917 mobile area code.

Sample of leaked USA Facebook members with mobile numbers
Source: BleepingComputer

According to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, it is believed that threat actors exploited a now-patched vulnerability in Facebook’s “Add Friend” feature that allowed them to gain access to members’ phone numbers.

It is unknown if this alleged vulnerability allowed the threat actor to retrieve all the information in the leaked data or just the phone number, which was then combined with information scraped from public profiles.

After the initial sale of the data, which is believed to be for $30,000, another threat actor created a private Telegram bot that allowed other threat actors to pay to search through the Facebook data.

Facebook data leak released for free

Today, this Facebook data leak has been released for free on the same hacker forum for eight site ‘credits,’ a form of currency on the hacker forum, equal to approximately $2.19.

While data breaches are initially sold in private sales for a high price, it is common for them to be sold for lower and lower prices until they are eventually released for free as a way of earning reputation within the hacker community.

“As is the case every time, people began to sell for cheaper and cheaper until it leaked for free,” Gal told BleepingComputer in a conversation.

Data leak shared for free on Hacker Forum
Source: BleepingComputer

The top 20 countries where members were exposed in this leak are listed below:

Country Number of users
Egypt 44,823,547
Tunisia 39,526,412
Italy 35,677,323
USA 32,315,282
Saudi Arabia 28,804,686
France 19,848,559
Turkey 19,638,821
Morocco 18,939,198
Colombia 17,957,908
Iraq 17,116,398
Africa 14,323,766
Mexico 13,330,561
Malaysia 11,675,894
United Kingdom 11,522,328
Algeria 11,505,898
Spain 10,894,206
Russia 9,996,405
Sudan 9,464,772
Nigeria 9,000,131
Peru 8,075,317

Data can be used to conduct attacks

This release has been met with enthusiasm by other threat actors on the hacker forum as they can use it to conduct attacks on the people listed in the data leak.

For example, threat actors can use email addresses for phishing attacks and mobile numbers for smishing (mobile text phishing) attacks.

Threat actors can also use mobile numbers and leaked information to perform SIM swap attacks to steal multi-factor authentication codes sent via SMS.

It is advised that all Facebook users be wary of strange emails or texts requesting further information or telling you to click on enclosed links.

BleepingComputer has contacted Facebook about the data leak but has not received a response at this time.
