If you’re a Facebook user wondering if your personal information has leaked, the answer at this point is almost certainly yes. Following the arrival of 400 million users in September, Facebook had another data breach. This failure resulted in the exposure of more than 267 million users, mostly residing in the United States.
The given data includes personal information, including name, number, and login information. The breach was discovered by an independent security consultant in Kyiv Ukraine, Bob Diachenko.
Comparative and security researcher Bob Diachenko has discovered a Facebook user database that has been displayed online for weeks. It was gone, but not before data links appeared on hacker forums. Yes, this is a company that wants to create its own operating system so that it can stop using the open-source Android OS.
Diachenko explained in detail the Facebook data breach
Diachenko explained that he discovered this file while surfing a hacker forum. The information has been online for a minimum of ten days. Apparently, he informed the hosting site, who sought to take action. Information is no longer available at press time.
Bob Diachenko, a Cyber Threat Intelligence Director and journalist at SecurityDiscovery.com. Image via cisomag
Data is available in Elaticsearch, a distributed full-text search engine. The researchers reported that the Facebook database first appeared in Elaticsearch on or about December 4. On December 12, the data appeared as download on a hacker forum. Two days later, Diachenko discovered the database and sent the abuse report to the ISP associated with the AP address. On December 19, the database disappeared from Elaticsearch.
However, the information is already widely available online. With ten days of file mining, a bunch of hackers were definitely able to gain access and data. Users should change their password to protect themselves.
Clearly, data was collected illegally. Current research shows that a group of hackers in Vietnam scraped the data from public sites or by gaining privileged account access. The hackers may have used a system similar to the Facebook feature disabled in 2018 that allowed users to search for each other via phone numbers.
How criminals get their user ID and phone number is not entirely clear. One possibility is that data was stolen from Facebook’s developer API before the company restricted access to phone numbers in 2018. Facebook’s API is used by app developers to add context. Socially access their apps by accessing user profiles, friends lists, groups, photos, and event data. Phone numbers were available to third party developers before 2018.
Diachenko said the Facebook API could also have security vulnerabilities that allow criminals to access user IDs and phone numbers even when access is restricted.
Another possibility is that the data was stolen without using the Facebook API, and was instead taken from publicly visible profile pages.
“Scraping” is a term used to describe a process in which bots automatically quickly screen through a large number of websites, copying data from each page into the database. This makes it difficult for Facebook and other social media sites to block because they often cannot tell the difference between legitimate users and bots. Scraping is against the terms of service of Facebook and most other social networks.
Security fears sparked Libra’s debate
The technology giant’s repeated failures have attracted significant concerns from users and regulators. The company’s tracking profile is anything but encouraging for those who store any information on Facebook.
Moreover, the risks associated with such a violation also expose advertisers and users to other features. Of particular interest is access to credit card numbers through login information.
Of course, the secondary issue the company faces is related to issues with the proposed digital currency, Libra. Facebook has suggested that international financial transactions can take place through Libra very simply.
However, with these types of violations occurring regularly, many people believe that Facebook is not fully equipped to handle security. The trouble for Facebook adding another financial component will only increase the risk factor.
Instead, many have argued that Bitcoin, unlike stablecoins like Libra, operates independently. Users only need to protect their private keys for security personally. In this sense, Bitcoin is safer than Facebook or Libra ever had.
400 million phone numbers of Facebook users are revealed in privacy
The phone number linked to more than 400 million Facebook accounts has been listed online within the latest security breach for the social media giant, US media reported on September 4.
Until April 2018, Facebook users can search each other by phone number or email address. However, after the Cambridge Analytica data abuse scandal – which saw the personal information of 87 million Facebook users being exploited – the social media giant removed that feature, limiting its ability to access to user information.
However, a security researcher recently told TechCrunch that a database of 419 million phone numbers associated with a Facebook account is sitting on a password-protected server, just waiting for anyone to find it.
Although the server does not belong to Facebook, the database reveals a unique Facebook ID associated with each phone number – in some cases, name, gender, and location are also listed.
Of the hundreds of millions of records revealed, 133 million belong to US users, 18 million are UK-based user-profiles, and 50 million are from Vietnam.
- The Ethereum Reddit community supports reducing block rewards to 1 ETH
- McAfee: There are only 374 days left after the bet that Bitcoin reaches over $ 1 million by 2020, and will a dream come true?