A social media user named Alon Gal (@UnderTheBreach) shared a large chunk of Facebook data for free on a cybercrime forum. The data contained the personal information of around 533 million users from 106 countries. It includes full names, phone numbers, locations, dates of birth, Facebook IDs, and email addresses.
In the same Twitter thread, Gal referred to the telegram chat as one example of a data breach. Apparently, the telegram bot was designed to find phone numbers related to a Facebook account. The bot sold data to many users as can be seen from the images below. Another image shows the list with the number of affected users by the country.
Leaked Facebook Data of Users Raises Concern
Alon Gal is a Chief Technology Officer at a cybercrime intelligence firm, Hudson Rock. Reportedly, he was the first one to discover the entire Facebook data leak on 3rd April. The report immediately caught the eye of media reporters and analysts. Some joined in on the ongoing criticism on Facebook while others did not find the report credible due to several issues. For example, Tunisia has only 11.59 million population and the list showed it on number 99 with more than 35 million Facebook users. Then it was showing again on number 100 with 1.6 million users.
On the other hand, many agencies reviewed the data and cross-referenced each information with another. They were able to verify most of the data which made the news viral. As a result, public fears and concerns about Facebook have grown more than ever.
Facebook and Data Breaches Go Hand in Hand
This Facebook data leak happened in 2019 due to weaknesses in privacy settings. According to the reports, the company patched the flaw but the leaked info remained on the internet. As Alon Gal found and shared that data again, it is understandable that many others could have also accessed it.
The incidents of data breaches are not new among tech giants, especially Facebook. In the same year, millions of Facebook users’ phone numbers were lurking online after the company left the data exposed. Later, the news went viral that Cambridge Analytica unraveled the data of over 80 million users. According to the reports, in 2015 Cambridge Analytica targeted users with political ads to influence US Elections 2016. The social network has been under heavy criticism and lawsuits since.
Users Are Unable to Accept Facebook’s Response
Facebook claimed that it has taken measures to reduce mass user data-scraping. About the latest development, it said that the data posted by Gal shows “old data” and the problem was resolved 3 years ago. The users begged to differ at this statement by Facebook as the data was clearly there.
Security experts argue that there is not much Facebook can do once the data has been leaked. It is because the user data is already online and vulnerable to access. They advised Facebook to at least admit its security flaws and always notify the users to be vigilant about suspected data phishing or fraud on their platform.