Cyber-security intelligence firm Cyble last weekend discovered that the personal data of 267 million Facebook users was being sold on the Dark Web and through hacking forums for £500.
The leaked data includes email addresses, names, Facebook IDs, dates of birth, and phone numbers. Thankfully, these records do not contain user passwords. However, the leaked data is enough to perform spear-phishing and malware scams against victims to steal credentials.
#Exclusive & #Breaking – 267 Million @Facebook Identities Sold for 500 Euros – online identities value is diminishing these days! https://t.co/UfEcsLBiKz #DarkWeb #ThreatIntel @BleepinComputer @Bank_Security @USCERT_gov @IndianCERT @NCSCgov @EU_Commission pic.twitter.com/iWXmu1r78M
— Cyble (@AuCyble) April 20, 2020
Cyble told BleepingComputer that their researchers purchased and verified the database themselves and they are adding details of the affected Facebook accounts to their https://AmIbreached.com breach notification service. Users can go to this link to check if their Facebook account was compromised.
“At this stage, we are not aware of how the data got leaked at the first instance. It might be due to a leakage in third-party API (Application Programming Interface) or scraping,” Mr. Beenu Arora, CEO and Founder of Cyble, said in a statement.
Cyble recommends that users tighten the privacy settings on their Facebook accounts and be cautious of unsolicited emails and text messages.
In December 2019, a similar trove of more than 267 million Facebook users’ personal information was left exposed in an open Elasticsearch database on the Dark Web. This trove was discovered by Comparitech in collaboration with security researcher Bob Diachenko.
The database was openly accessible by anyone without a password or any form of authentication and comprised full names, phone numbers, and user IDs of 267,140,436 Facebook users, mostly residing in the U.S.