Table of Contents
Facebook is notorious for being careless with customer data.
In March 2019, Facebook admitted to storing hundreds of millions of account passwords in plaintext. But that’s not all!
In April of the same year, it was discovered that over 540 million user records were stored on a public server.
The same happened in September 2019: the data of over 419 million users was discovered sitting on an exposed server.
Also, the server did not even belong to Facebooks. Subsequent data breaches kept happening till the end of 2019.
Recently, the data of over 500 million users was leaked on a cybercrime forum for free.
It is believed this was the data extracted by hackers in 2019.
What Kind of Facebook Data Was Leaked?
The leaked data includes Facebook’s IDs, phone numbers, full names, locations, email addresses, birthdates, account creation dates and even relationship statuses.
32 million leaked records belonged to U.S. users, 11 million to the U.K., and about 6 million to Indian users.
This is a huge amount of data that can be used for social engineering attacks.
On the bright side, Facebook’s has already fixed the vulnerability used by hackers to steal this much data.
The discovery was made in January 2021 during a routine security review. According to Facebook’s Pedro Canahuati.
“This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have found no evidence to date that anyone internally abused or improperly accessed them.”
Facebook did not comment on the origin of the bug.
However, it is still unclear why Facebooks took months to report the issue.
If your phone number is linked to your Facebook account, there is a very high chance your data has been compromised.