The mobile phone numbers and personal details of around 533 million Facebook users worldwide have been leaked on a popular hacker forum for free.
The stolen data first appeared in a hacking community in June 2020, when a member began selling the Facebook data to other members. This leak included member information that can be scraped from public profiles and private mobile numbers associated with the accounts.
The sold data included 533,313,128 Facebook users, with information such as a member’s mobile number, Facebook ID, name, gender, location, relationship status, occupation, and email addresses.
From samples obtained, it was found that almost every user record contains a mobile phone number, a Facebook ID, a name, and the member’s gender.
Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, stated that threat actors exploited a now-patched vulnerability in Facebook’s “Add Friend” feature that allowed them to gain access to members’ phone numbers.
However, it is not known whether the vulnerability allowed the attackers to retrieve all of the information in the leaked data or just the phone number, which was then combined with information scraped from public profiles.
After the data was initially sold for around $30,000, another hacker created a private Telegram bot that allowed other threat actors to pay to search through the Facebook data.
Now, this Facebook data leak has been released for free on the same hacker forum for eight site ‘credits,’ a form of currency on the hacker forum, equal to approximately $2.19.
Breached data is initially sold in private sales for a high price, but it can then be sold for lower prices until it is released for free in order to earn reputation within the hacker community.
So, people began to sell the data for less and less until it was leaked for free.
The data leak also included the phone numbers for three of Facebook’s founders – Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz, who are the 4th, 5th, and 6th members registered on Facebook.
The top 20 countries where members were exposed in this leak include Egypt, Tunisia, Italy, USA, Saudi Arabia, France, Turkey, Morocco, Colombia, Iraq, Africa, Mexico, Malaysia, United Kingdom, Algeria, Spain, Russia, Sudan, Nigeria and Peru.
The released data can be used by other threat actors to perform attacks on the people listed in the data leak. The email addresses can be used for phishing attacks and the mobile numbers for smishing (mobile text phishing) attacks.
The mobile numbers and leaked info can also be used to conduct SIM swap attacks to steal multi-factor authentication codes sent via SMS.
All Facebook users are advised to stay cautious about suspicious emails or texts requesting further information or asking them to click on enclosed links.