What just happened? It appears that Facebook’s decision to give app developers too much access to users’ personal information is backfiring again. A new report has revealed that user names and phone numbers of over 267 million US user accounts have been scraped by malicious actors and uploaded to a hacker forum.
According to a report from Comparitech, around 267 million Facebook user names and phone numbers were left exposed on a web server with not even a password to prevent unauthorized access. This isn’t the first time this has happened. In September, a researcher found the personal information of over 400 million Facebook accounts from all over the world stored on an unsecured web server. Luckily, that dataset turned out to be old and there’s no evidence that it was used to compromise any accounts.
Comparitech along with security researcher Bob Diachenko uncovered the new treasure trove for data thieves, which was stored on an Elasticsearch cluster. Diachenko suspects it was obtained through an illegal scraping operation in Vietnam that abused a Facebook API.
The resulting dataset could be used in SMS spam and phishing campaigns, and it was online between December 4 and December 18. It appears that most of the user IDs, phone numbers, and names belong to US Facebook accounts, and were allegedly shared on a hacker forum.
A Facebook spokesperson said the company is investigating the report, and reiterated that this may be another old dataset from 2018 when developers were able to access too much information from publicly visible profile pages. The company restricted access after the Cambridge Analytica scandal.
- Which console is right for you? Xbox Series X vs. PS5The Xbox Series X and PS5 from Microsoft and Sony, respectively, are due to arrive in 2020, … Read More
- PlayStation 5 will launch Nov. 12 at GHC2900Sony’s upcoming PlayStation 5 video game console will cost GHC3,000 and launch Nov. 12, the company said … Read More
- Here are our 6 favourite iOS 14 features and how to make good use of themApple just released iOS 14 and it brings a ton of new features to your iPhone. We’ll … Read More
- 5 most important security and privacy features of iOS 14 and iPadOS 14 you need to know aboutiOS 14 is out, and if you’re brave enough to install it you will be getting some new security … Read More
- Microsoft’s Bill Gates Lauds Ghana For Exemplary LeadershipAmerican business magnate and Co-founder of Microsoft, William Henry Gates, popularly known as Bill Gates, has, lauded … Read More
One way to protect yourself is to make sure that only friends have access to your profile picture, your details, and what you post on your wall. Also, make sure the option “Do you want search engines outside of Facebook to link to your profile” is set to “no” as this is one of the things that facilitated the Elasticsearch scraping.
In related news, Facebook hard disks containing payroll information were stolen earlier this month during a car robbery. No Facebook user data was compromised, but it prompted the company to tighten its security policies.