Latest


Data of 267 million Facebook users leaked online: Report

  •   Fri, Dec 20 2019 06:08:36 PM

London, Dec 20 (IANS): A database containing personal details of more than 267 million Facebook users was allegedly left exposed on the web, according to a report from Britain-based tech research firm Comparitech and security researcher Bob Diachenko.

Diachenko believes the trove of data -- including Facebook user IDs, phone numbers and names -- is most likely the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam.

"Scraping" is a term used to describe a process in which automated bots quickly sift through large numbers of web pages, copying data from each one into a database.

The information contained in the database could be used to conduct large-scale SMS spam and phishing campaigns, among other threats to end users, said the report on Thursday, adding that most of the affected users were from the US.

The revelations come at a time when Facebook is trying to regain the trust of its users with protection of their data following the Cambridge Analytica scandal that badly hit its reputation.

More than one and a half years after the Cambridge Analytica scandal first became public, the US Federal Trade Commission (FTC) earlier this month said that the now-defunct British data analytics and consulting company engaged in deceptive practices to harvest personal information from tens of millions of Facebook users for voter profiling and targeting.

After discovering that personal details of 267 million Facebook users were exposed online, Diachenko notified the Internet service provider managing the IP address of the server so that access could be removed.

However, the data was also posted to a hacker forum as a download, said the security researcher.

Facebook IDs are unique, public numbers associated with specific accounts, which can be used to discern an account's username and other profile info.

While how criminals obtained the user IDs and phone numbers is not entirely clear, one possibility is that the data was stolen from Facebook's developer API before the company restricted access to phone numbers in 2018.

Facebook's API is used by app developers to add social context to their applications by accessing users' profiles, friends list, groups, photos and event data. Phone numbers were available to third-party developers prior to 2018.

Facebook's API could also have a security hole that would allow criminals to access user IDs and phone numbers even after access was restricted, Diachenko said.

Another possibility is that the data was stolen without using the Facebook API at all, and instead scraped from publicly visible profile pages, according to the report.

This isn't the first time such a database has been exposed. In September 2019, 419 million records across several databases were exposed, including phone numbers and Facebook IDs.

The report warned that Facebook users should be on the lookout for suspicious text messages.

Even if the sender knows your name or some basic information about you, be sceptical of any unsolicited messages, it added.

 
  

Top Stories


Leave a Comment

Title: Data of 267 million Facebook users leaked online: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like