267 Million Facebook Users Leaked to the Network

According to a Forbes report, a security researcher found an unprotected data base with social network users’ names and phone numbers. The information may be used by telemarketers, spam providers and hackers for phishing scams.

If you started getting more phone calls from telemarketing you can blame Facebook. A security researcher named Bob Diachenko recently found a database of Facebook account information, including their names, and 267 million users’ phone numbers. The repository was available in unprotected format and copied to various hackers’ forums. That’s how Forbes reports.

Reporters indicate that this is a real treasure trove for telemarketers and spam providers, since the information seems legitimate and comes from the social network itself, rather than from an unreliable source. Owning this information means that we can commit phishing scams and link the data from phone calls to Facebook user profiles. The information is revealed through an application programming interface, which allows developers access to end data such as a list of friends, groups, and images. The information was likely to be protected, as a private database, even in hackers’ forums, but was hacked into the public and made available to anyone for two weeks.

Hackers routinely download or acquire such information on the Dark Web. The difference here is that this repository is original because it also includes information from Facebook users, and because it includes phone numbers, hackers can create more sophisticated attacks that can include phone and e-mail scams. So according to the report.

Facebook has been criticized in recent years for what was seen as a careless security policy. In the most famous case, Cambridge Analytica is involved which has cut customer personal information by using an app that pretended to be an academic survey. This breach of security is much wider in its dimensions. While Cambridge Analytica collected information from 87 million users through the survey, the latest leak includes information from 267 million accounts. There is currently no way for users to check if their information has been stolen or if the repository is still in the various hacker forums.