IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Personal data of 533 million Facebook users found on hacking forum

The leaked records contained users' phone numbers, Facebook IDs, full names and relationship status

Facebook was at the center of a data privacy storm over the weekend after a hacker published 533 million users’ details on a low-level hacking forum.

The data was downloadable for free and allowed anyone downloading it to look up a Facebook user's record using their phone number.

The records, representing roughly a fifth of the company's entire user base, contained users' phone numbers, Facebook IDs, full names, previous locations, birth dates, relationship status, and biographies. It also includes some of their email addresses.

Alon Gal, chief technology officer of cyber crime intelligence company Hudson Rock, tweeted the news on Saturday after discovering the data posted for free on a forum. It followed a tweet he posted in January this year, warning that a vulnerability had allowed the database to be created in early 2020. The January tweet warned that the user had created a Telegram bot that would allow anyone to query the database for a low fee, allowing people to find phone numbers linked to many Facebook accounts.

The January tweet showed the data breach contained 32.3 million US Facebook accounts, representing just under 10% of the entire US population.

Related Resource

IT Pro 20/20: Meet the companies leaving the office for good

The 15th issue of IT Pro 20/20 looks at the nature of operating a business in 2021

IT Pro 20/20: Leaving the office for goodDOWNLOAD NOW

According to a statement Facebook sent to Business Insider, the first outlet to report the news, these stolen credentials aren’t new. Facebook said that it stemmed from a vulnerability it patched in 2019. However, once the hacker stole the data from its network, little can the company do to stop it from spreading online.

"Bad actors will certainly use the information for social engineering, scamming, hacking and marketing," Gal said on Twitter.

Security research Troy Hunt added the data to his website over the weekend to allow people to see if their email addresses are part of the breach. At the time of this writing, he hadn’t yet entered the stolen phone numbers and was considering what to do with that information.

This isn’t the first time Facebook has come under fire for privacy and security issues. In 2019, the FTC fined Facebook $5 billion for misleading users over how it shared their data with third parties and for failing to change its privacy practices following a 2011 FTC settlement.

Featured Resources

Meeting the future of education with confidence

How the switch to digital learning has created an opportunity to meet the needs of every student, always

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

Technology reimagined

Why PCaaS is perfect for modern schools

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
US government warns of increased risk of ransomware over holiday season
ransomware

US government warns of increased risk of ransomware over holiday season

24 Nov 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

7 Jun 2022
Delivery firm Yodel disrupted by cyber attack
cyber attacks

Delivery firm Yodel disrupted by cyber attack

21 Jun 2022
Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022