It’s been reported that Facebook data from 533 million users were leaked online in an open forum, with about 879,699 users from the Philippines.
The leak includes users’ phone numbers, Facebook IDs, full names, locations, birth dates, bios, and email addresses – all in the form of a database posted and downloadable for free in a hacking forum. All the data were accessed using a Telegram bot.
According to Facebook, the information gathered are old, outdated by two years off. The vulnerability of downloading data off from users was already long fixed as well.
However, cybersecurity experts said that most of these data don’t change as much as expected, with some of these even permanent, such as real names and marital status.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks hacking attempts,” said Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who found the leaked data online.
Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.
Bad actors will certainly use the information for social engineering, scamming, hacking and marketing.
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
Information is power for unscrupulous hackers in this case. With the following old data alone, hackers can still impersonate the account’s owner or perform scams by handing over log-in credentials.
As it has already circulated online for everyone to review with basic data skills, there’s no helping with the issue. One way to cushion the impending problem of phishing and fraud activities is to alert the involved users and remain vigilant online.