KUALA LUMPUR, April 5 — Facebook makes it so easy for us to automatically link our accounts to other features, sites, and other apps.
But here’s a little reminder to check up on the kind of personal data you’ve added on the widely used platform, as Israeli cybersecurity company Hudson Rock co-founder Alon Gal highlighted a leaked database containing data from 533,000,000 Facebook users.
All 533,000,000 Facebook records were just leaked for free.
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
The information released included the number of affected victims from more than 100 countries. This included Malaysia — with over 11 million Malaysians (exactly 11,675,894 Malaysians) had their data leaked. The data leaked included names, mobile numbers, emails, gender, occupation, city, country, marital status, and others.
“This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” tweeted Gal, “I have yet to see Facebook acknowledging this absolute negligence of your data.”
However, Director of Strategic Response Communications for Facebook Liz Bourgeois has responded on Twitter that it was “old data that was previously reported on in 2019,” and that they have “found and fixed this issue” in August 2019.
Despite that, Gal mentions on 3 April that the data was “just leaked for free”. This means that the information leaked can still be exploited by crude marketers, scammers, and hackers.
Previously, Gal also reported a leak of the same Facebook database on 14 January this year. A Telegram bot also allowed users to query the database for a low fee — enabling people to find phone numbers linked to the Facebook users affected.
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
Since Facebook hasn’t officially address the security concern, I advise you to review the personal information you’ve shared on Facebook — including your email, phone number and other sensitive data. Don’t click on links or anything you don’t fully trust, either. — SoyaCincau