toggle quoted messageShow quoted text
Thank you for sharing this article. It was very interesting. I am still on Facebook and Twitter, but I am gradually expanding my social media experience to other social media platforms. I am doing this because Facebook and Twitter are restricting free-speech and I am not necessarily confident in their ability to protect our online privacy anymore. The other social media platforms I am now on include www.gab.com and www.mewe.com. Both are pretty accessible. I encourage everyone to check them out.
On Apr 5, 2021, at 6:44 PM, Janet <firstname.lastname@example.org> wrote:
I just came across this article, and thought some might be interested in reding, so I copied and pasted below.
533 Million Facebook Users Stolen by Hackers
Personal Data of 533 Million Facebook Users Stolen by Hackers
APR 5, 2021, 11:17 AM EDT | 1 min read
A Facebook privacy page with a magnifying glass over the word privacy.
If you're on Facebook (and who isn't?), you may want to consider locking down all your accounts. A security researcher discovered the personal data of
533 million Facebook users
leaked online in a hacker forum. The data includes phone numbers, names, birthdates, emails, and more.
The data in question first leaked back in January, but at the time, hackers had to pay for it through a Telegram bot. That limited the spread somewhat
between the cost and the method to retrieve it. But over the weekend,
security researcher Alon Gal
discovered the data posted on a hacker forum for free.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data.
Alon Gal (Under the Breach)
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information
533m users across all countries.
It was severely under-reported and today the database became much more worrisome 1/2
6:52 AM · Apr 3, 2021
The breach contains information on users across 106 countries, including 32 million US users and 11 million UK users. Troy Hunt, of
already has a copy of the data, and in his analysis,
(about 0.5%) contain email addresses. But far more contain phone numbers, birthdates, and other personally identifying information. Everything you might
need to pull off a sim swapping attack or take over an account.
Apr 3, 2021
Another general observation on this incident: I'm seeing *extensive* sharing of the data, both the entire corpus of countries and individual country files.
Not just in hacking circles, but very broadly on social media too. This data is everywhere already.
Email parsing now done, found 2,529,621 unique addresses across the 108 files. Call it about 0.5% of all records having an email address.
8:29 PM · Apr 3, 2021
For his part, Hunt is considering adding a
for phone numbers. Currently, you can only check your data against email addresses for breaches, but in this case, that's not very useful. But adding
a phone number field comes with risks, so Hunt is still deciding as of this publication.
In a statement to
Facebook stated that hackers stole the data using a vulnerability the company patched in late 2019. That means the data stolen is nearly two years old,
and if you've changed your email address or phone numbers since then, what the hackers have is out of date. But other data doesn't change of course, (like
birthdates), and people usually keep phone numbers and emails for many years, so the age of the data is of little comfort.
For its part, Facebook doesn't seem to be notifying affected users, which would be a helpful move. If you want to determine if you're part of the leak,
you can start with
For now, that's an email-only option, but hopefully, Hunt does add a phone number field in the future.
Peace Be With You.