Facebook Inc (NASDAQ:FB) is at the center of another hacking incident, and this time, they stole the personal data of more than 533 million users. The hackers posted the information in a low-level hacking forum, according to Insider.
Facebook users' data posted on hacking forum
The information that was exposed includes that of 32 million U.S. users, 11 million U.K. users and 6 million Indian users. The data includes Facebook IDs, full names, phone numbers, birthdates, locations and bios. Some users also had their email addresses leaked.
Insider looked at a sample of the leaked data and verified a number of records by matching the phone numbers of Facebook users they knew with the IDs included in the data. The news site also tested email addresses from the data in Facebook's password-reset feature, which can be used to reveal part of the user's phone number.
A spokesperson for Facebook told Insider that the hacker scraped the information via a vulnerability they patched in 2019. According to Alon Gal of cybercrime intelligence firm Hudson Rock, who discovered the data cache over the weekend, cybercriminals could still find the data useful even though it is about two years old. Cybercriminals may use it to impersonate the Facebook users or scam them into giving them their password.
Gal told Insider that the leak of a database of that size containing private information would "certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts.
How to check if your information was leaked
Gal noticed the leaked information in January when another user in the same hacking forum advertised a bot that could deliver the phone numbers of hundreds of millions of Facebook users. Motherboard reported on the existence of the bot at the time and verified the legitimacy of the information. Now the information has been posted on the hacking forum free so that anyone with basic data skills would be able to access it.
With so many users' information compromised, there is a good chance your data has been revealed as well. The News Each Day has created a basic tool that allows you to enter your phone number to check if it's included in the leak. Gizmodo tested the tool using some data from the real leak and found it to be accurate.
Facebook is part of the Entrepreneur Index, which tracks 60 of the largest publicly traded companies managed by their founders or their founders' families. Even founder and CEO Mark Zuckerberg had his phone number leaked in the data set.