It looks like Facebook is going to be making headlines for all the wrong reasons again this week, as personal data from 533 million accounts has leaked online. The leak sees accounts from users in 106 countries compromised, including 32 million users in the US and 11 million users from the UK.
The leak was first brought into the public eye by security researcher, Alon Gal, and verified by Business Insider. According to the report, the list of personal details leaked includes full names, phone numbers, Facebook IDs, locations, birthdates, email addresses and bio information.
This leak was initially private, with portions of it being sold on apps like Telegram. However, all of the records are now available for free. According to Facebook, this data was obtained by exploiting an old vulnerability that was fixed back in 2019.
Unfortunately, phone numbers being included here is a big deal. There are many services available that can send spam calls and messages just using someone’s phone number and in this case, that phone number is also attached to a name and other information, making it easier to target people. At the moment, Troy Hunt, creator of the Have I Been Pwned database is considering whether to make phone numbers searchable in the database to help users find out if they’ve been affected.
Discuss on our Facebook page, HERE.
KitGuru Says: This is a huge leak and could put a lot of people at risk of being scammed. We’ll no doubt see data protection regulators chiming in on this in the days to come with new investigations into Facebook and how it handles sensitive user data.