533 Million Facebook Users Had Their Data Stolen and Leaked Online

Facebook Data Stolen and Leaked Online

On Saturday, April 3rd, a user from a hacking forum published the personal data from more than 500 million Facebook users. The hacked and published data were available at the forum for free and includes the telephone number, locations, bios, birthdates, and even email addresses.

According to what was analyzed, the data stolen is from users located in 106 different countries – including 32 million in the US, 11 million in the UK, 6 million in India, and around 3 million in Canada.

Alon Gal, the CTO of Hudson Rock, a very well-known cybercrime intelligence firm, was the first to discover the leak on Saturday. He first tweetedAll 533,000,000 Facebook records were just leaked for free. This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.”

Later on the same day, Gal gave Business Insider an interview and confirmed the leak and the worries of such a huge database being leaked for free, “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks or hacking attempts“.

Facebook Statement About the Leak

The communication chief from Facebook published an explanation on her Twitter page. Liz Bourgeois wrote, “This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.”

So, even though the data is from 2019, it’s still affecting those 533 million users, and it’s a powerful tool for cybercriminals looking at the user’s personal information as the data is active and personal.

Facebook Cloud

And as the data is already leaked, Alon Gal confirmed that there wasn’t much Facebook could do to help the affected users. Maybe a simple notification to let users know that they should be careful with possible frauds or phishing schemes with their personal information.

And on Sunday, Andy Stone, a Facebook spokesperson told CNN that, “In 2019, we removed people’s ability to directly find others using their phone number across both Facebook and Instagram – a function that could be exploited using sophisticated software code, to imitate Facebook and provide a phone number to find which users it belonged to.”

Still, Facebook gave no information on whether they notified the users that their data got leaked or not. Because, as Alon Gal told Insider,Individuals signing up to a reputable company like Facebook are trusting them with their data, and Facebook is supposed to treat the data with the utmost respect. Users having their personal information leaked is a huge breach of trust and should be handled accordingly.

How to Find Out if Your Data Got Leaked

Unfortunately, it’s difficult to find out if your phone number got leaked in any hack attack like the one on Facebook. But it’s possible to check other personal data, especially your email address, on websites like HaveIBeenPwned.com, that cross your information with other accounts to warn you if your details got leaked online and where they were leaked.

But to keep yourself secure, it’s important to always change your passwords, use a password manager, and set up the two-factor authentication on the websites where that is possible.

The password manager will create longer and safer passwords for your accounts while preventing any possible password-related breaches, and two-factor authentication is a method of accessing websites and apps only after presenting two or more pieces of evidence of your identity – it can be a password, a PIN, a security token, fingerprints, face scanning, voice, and so on.

By Gary Bernstein

Gary Bernstein
Common DevOps Misconceptions 86% of businesses say it’s important for their company to develop and produce new software fast to win market share and beat the competition, Harvard Business Review reveals. Yet, just 10% of businesses ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Stacey Farrar
Modern Auth and Exchange Online Migrations Microsoft has phased out Basic Authentication (Basic Auth), replacing it with Modern Authentication (Modern Auth) to provide increased protection and user security. Through this, Microsoft has turned off Basic ...
Mark Greenlaw
Free Cloud Migrations are Expensive The cloud is becoming the primary place where work gets done. By 2025, Gartner estimates that enterprise spending on public cloud computing will overtake traditional IT hardware. Why? One reason ...
John Peluso
Save Your Organization on Cloud Costs Organizations of all sizes are currently navigating their plans to avoid the recent surge in cyber-attacks and data breaches and preparing for unforeseen setbacks. Building a sensible backup and ...
Patrick Melampy
Cloud On-Ramp and Protecting Performance The expansion of remote work and the massive growth in usage of cloud-based applications have stressed existing infrastructure and put a keen focus on the performance of everyone’s network environment ...
Drew Firment
Stop Focusing on Cloud Adoption and Start Focusing on Cloud Maturity For the past several years, most organizations have made it their priority to shift much of their applications and data from on-premises to the ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
The Report.png
Disaster Recovery Plan.png
Answer To Everything.png
Growing Up.png

PLURALSITE

Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization. 

(ISC)²

(ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees.

CYBRARY

CYBRARY Open source Cyber Security learning. The world's largest cyber security community. Cybrary provides free IT training certificates. Courses for beginners, intermediates, and advanced users are available.