Data affecting over half a Billion Facebook users that was originally leaked in 2019, including email addresses and phone numbers, has been posted on an online hackers forum, according to media reports and a cybercrime expert. “All 533,000,000 Facebook records were just leaked for free,” Alon Gal, chief technology officer at the Hudson Rock cybercrime intelligence firm, said on Twitter last week. He denounced what he called the “absolute negligence” of Facebook.
Some of the data appeared to be current, according to a report in Business Insider which AFP was unable to confirm independently. It said some of the leaked phone numbers still belong to the owners of Facebook accounts. “This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” Gal said.
But Facebook said the reports were old news. “This is old data that was previously reported on in 2019,” a company spokesperson told the media. “We found and fixed this issue in August 2019.”
The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.
While a couple of years old, the leaked data could provide valuable information to cybercriminals who use people’s personal information to impersonate them or scam them into handing over login credentials, according to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the entire trough of leaked data online on Saturday.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Gal told Insider.