Data of 267 million Facebook users leaked online

A database containing personal details of more than 267 million Facebook users was allegedly left exposed on the web, according to a report from Britain-based tech research firm Comparitech and security researcher Bob Diachenko.

Diachenko believes the trove of data -- including Facebook user IDs, phone numbers and names -- is most likely the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam.

"Scraping" is a term used to describe a process in which automated bots quickly sift through large numbers of web pages, copying data from each one into a database.

The information contained in the database could be used to conduct large-scale SMS spam and phishing campaigns, among other threats to end users, said the report on Thursday, adding that most of the affected users were from the US.

Facebook is reportedly investigating the issue.

"We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people's information," a Facebook spokesperson told Engadget.

The revelations come at a time when Facebook is trying to regain the trust of its users with protection of their data following the Cambridge Analytica scandal that badly hit its reputation.

More than one and a half years after the Cambridge Analytica scandal first became public, the US Federal Trade Commission (FTC) earlier this month said that the now-defunct British data analytics and consulting company engaged in deceptive practices to harvest personal information from tens of millions of Facebook users for voter profiling and targeting.

After discovering that personal details of 267 million Facebook users were exposed online, Diachenko notified the Internet service provider managing the IP address of the server so that access could be removed.

However, the data was also posted to a hacker forum as a download, said the security researcher.

Facebook IDs are unique, public numbers associated with specific accounts, which can be used to discern an account's username and other profile info.

While how criminals obtained the user IDs and phone numbers is not entirely clear, one possibility is that the data was stolen from Facebook's developer API before the company restricted access to phone numbers in 2018.

Facebook's API is used by app developers to add social context to their applications by accessing users' profiles, friends list, groups, photos and event data. Phone numbers were available to third-party developers prior to 2018.

Facebook's API could also have a security hole that would allow criminals to access user IDs and phone numbers even after access was restricted, Diachenko said.

Another possibility is that the data was stolen without using the Facebook API at all, and instead scraped from publicly visible profile pages, according to the report.

This isn't the first time such a database has been exposed. In September 2019, 419 million records across several databases were exposed, including phone numbers and Facebook IDs.

The report warned that Facebook users should be on the lookout for suspicious text messages.

Even if the sender knows your name or some basic information about you, be sceptical of any unsolicited messages, it added.

Comments

Helpful info. Lucky me I found your site by accident, and I'm stunned why this coincidence didn't happened in advance!
I bookmarked it.

Add new comment

Coastaldigest.com reserves the right to delete or block any comments.
Coastaldigset.com is not responsible for its readers’ comments.
Comments that are abusive, incendiary or irrelevant are strictly prohibited.
Please use a genuine email ID and provide your name to avoid reject.

Trump warns Iran against 'massacre' as Tehran students protest jetliner shootdown

News Network

January 12,2020

Washington, Jan 12: US president Donald Trump said Saturday the United States was monitoring Iranian demonstrations closely, warning against any new “massacre” as protests broke out after Tehran admitted to shooting down a passenger plane.

Iran said earlier it unintentionally downed a Ukrainian jetliner outside Tehran, killing all 176 people aboard, in an abrupt about-turn after initially saying that it had crashed due to mechanical failure. The firing came shortly after Iran launched missiles at bases in Iraq housing American forces.

President Hassan Rouhani said a military probe into the tragedy had found that “missiles fired due to human error” brought down the Boeing 737, calling it an “unforgivable mistake.”

Trump told Iranians -- in tweets in both English and Farsi -- that he stands by them and is monitoring the demonstrations.

“To the brave, long-suffering people of Iran: I've stood with you since the beginning of my Presidency, and my Administration will continue to stand with you,” he tweeted.

“There can not be another massacre of peaceful protesters, nor an internet shutdown. The world is watching,” he added, apparently referring to an Iranian crackdown on street protests that broke out in November.

“We are following your protests closely, and are inspired by your courage," he said.

The new demonstrations follow an Iranian crackdown on street protests that broke out in November. Amnesty International has said it left more than 300 people dead. Internet access was reportedly cut off in multiple Iranian provinces ahead of memorials planned a month after the protests.

On Saturday evening, police dispersed students who had converged on Amir Kabir University in Tehran to pay tribute to the victims, after some among the hundreds gathered shouted "destructive" slogans, Fars news agency said.

State television reported that students shouted "anti-regime" chants, while the news agency Fars reported that posters of Soleimani had been torn down.

Comments