Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Facebook Suffers Huge Leakage

Facebook acknowledges personal information of 500M users posted online, says data is ‘old’

 

Summary

Facebook has communicated user information has been hacked in a low-level breach. This includes phone numbers, contacts and other Facebook information available on accounts. 

 

Quotes

Quote

The phone numbers and personal data of more than 500 million Facebook users has been posted online by a low-level hacker in a forum for free.

 

Alon Gal, CTO of Hudson Rock, a cybercrime intelligence firm first discovered the leak on Saturday.

 

“All 533,000,000 Facebook records were just leaked for free,” he wrote in a tweet. “This means that if you have a Facebook account, it is extremely likely the phone number used for that account was leaked.”
 

“It was severely under-reported and today the database became much more worrisome,” he wrote.

 

By Gal’s count, 3,494,385 users in Canada were affected.

 

Quote
Facebook acknowledged the news in an emailed statement Saturday afternoon, but said the data was obtained during a breach in 2019.
 
“This is old data that was previously reported on in 2019,” a Facebook spokesperson said. “We found and fixed this issue in August 2019.”
 

 

My thoughts

Does not matter if previously reported. Facebook has a responsibility to its users to let them know their data has been hacked, so they can change passwords and emails. Awful behaviour by Facebook - 533 million accounts its not a joke. 

 

Sources

https://globalnews.ca/news/7737055/facebook-user-data-leaked/

This post is brought to you by water

 

Link to post
Share on other sites

Curious whether my data is in there...would be interesting to know.  Does anyone know if there is a reputable site to check.

 

On a similar note, I have always wondered about how open Facebook is in regards to hacks of the network.  I got a random spam email saying my email was "hacked"...the interesting thing was they used the password I used for Facebook (and only Facebook).  I know my computer wasn't compromised, but had never heard anything from Facebook about potential compromises but it always made me wonder.

3735928559 - Beware of the dead beef

Link to post
Share on other sites
4 hours ago, RorzNZ said:

 

Summary

Facebook has communicated user information has been hacked in a low-level breach. This includes phone numbers, contacts and other Facebook information available on accounts. 

 

 

This is why "real information" should not be used on the internet. Create a new name, create a weeaboo name, create a fanfic name, just do anything but use your real name, even when they demand you use your real name. If they have the typical "we are responsible for nothing" garbage arbitration terms of service, you don't give them your real name, because quite frankly, if they're not willing to put skin in the game, neither should you.

 

There's some absolute irony here because pre-19th century mythology always warned you about not giving your real name to strangers, because that was an early form of identity theft. 

 

I doubt there is a lot of information leaked that is directly usable, but people haven't needed to change their phone numbers since local number portability came into effect around 2008. So "it's old" is meaningless as anyone who has not changed their phone number since 2018, would have a current number. 

Link to post
Share on other sites
1 hour ago, Kisai said:

Create a new name, create a weeaboo name, create a fanfic name, just do anything but use your real name

Unless they are still pushing their "real name policy" BS....

Link to post
Share on other sites
1 hour ago, Kisai said:

This is why "real information" should not be used on the internet. Create a new name, create a weeaboo name, create a fanfic name, just do anything but use your real name, even when they demand you use your real name. If they have the typical "we are responsible for nothing" garbage arbitration terms of service, you don't give them your real name, because quite frankly, if they're not willing to put skin in the game, neither should you.

 

There's some absolute irony here because pre-19th century mythology always warned you about not giving your real name to strangers, because that was an early form of identity theft. 

 

I doubt there is a lot of information leaked that is directly usable, but people haven't needed to change their phone numbers since local number portability came into effect around 2008. So "it's old" is meaningless as anyone who has not changed their phone number since 2018, would have a current number. 

I use FB for university work and organising tutoring, so a fake name isn't really applicable. I use my middle name instead of my last name though. Probably emails would be the main concern for phishing. 

This post is brought to you by water

 

Link to post
Share on other sites
1 hour ago, Grand Admiral Thrawn said:

PSA: if you happen to use Facebook, check over here if your data has leaked: https://haveibeenpwned.com/

for an example try my old email (don't worry it's been deleted) which got hacked: cooldarmc@gmail.com 

 

[EDIT]

You can also try passwords now. 

This post is brought to you by water

 

Link to post
Share on other sites

It's not anywhere near as bad as it sounds. 

It's just the name, email address, Facebook UID and phone numbers of users (at most), and it was only on users that had that info public anyway. 

 

The "hacker" just scraped public info. The "security issue" was that there was no limit on how much info you could scrape. 

 

Edit: Some people have more than just the name, email, UID and phone numbers "leaked". For example marriage status, gender etc. But it is only info that was set to public. Basically, it's just an ordered text document of whatever info was public at the time someone scraped it. Seems like it's up to 12 different pieces of info that could be scraped.

Link to post
Share on other sites
2 hours ago, AldiPrayogi said:

Is it too late to deactivate my facebook account...

I deleted mine a while ago, but I am not so naive to think this means they no longer have my data.

🌲🌲🌲

Judge the product by its own merits, not by the Company that created it.

 

Don't dilute <good thing> by always trying to focus on, and drag conversation back to, <bad thing>.

🌲🌲🌲

Link to post
Share on other sites

For Facebook i used a temporary phone number,and the email address i use there is used exclusively for Facebook,

I entered the email to  Have I been Pwned and: "Good news — no pwnage found!"

30 minutes ago, LAwLz said:

It's not anywhere near as bad as it sounds. 

It's just the name, email address, Facebook UID and phone numbers of users (at most), and it was only on users that had that info public anyway. 

 

The "hacker" just scraped public info. The "security issue" was that there was no limit on how much info you could scrape. 

If that's true,then only my name and picture are available to the public and could be stolen,they could enter that to a facial recognition database..

Regardless of that i have been extremely careful when i opened my Facebook account 10 years ago,so the worst case scenario for me is minimal damage,and i don't use Facebook anymore.

A PC Enthusiast since 2011
AMD Ryzen 5 2600@3.9GHz | GIGABYTE GTX 1660 GAMING OC @ Core 2085MHz Memory 5000MHz
Cinebench R15: 1382cb | Unigine Superposition 1080p Extreme: 3439
Link to post
Share on other sites

I deleted my facebook account last year just checked all my e-mails on haveibeenpwned looks like they all safe.

Link to post
Share on other sites
2 hours ago, Grand Admiral Thrawn said:

PSA: if you happen to use Facebook, check over here if your data has leaked: https://haveibeenpwned.com/

This is a cool little site. Seems my E-mail has been pwned 3 times. Oh well, I'm poor, so good luck hackers!

 

Enjoy getting "lol, no" when trying to take out a home in my name.

LEONIDAS

CPU: Ryzen 7 3700x | GPU: MSI Ventus OC 2X 3060 Ti 8GB | Motherboard: MSI B550 Gaming Plus | RAM: Dominators 3200mhz 16GB

Hard Drives: WD SN550 NVME 1TB, 860 Evo 500GB | Case: be Quiet Silent Base 802| PSU: Corsair RM 750 80+ Gold Fully Modular

Monitors: Acer Nitro IPS 170Hz 1440pAcer KG240 TN 144Hz 1080p

Link to post
Share on other sites

I speak out of concern for the people, and can safely say that this is good news

Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to post
Share on other sites
1 hour ago, LAwLz said:

It's not anywhere near as bad as it sounds. 

It's just the name, email address, Facebook UID and phone numbers of users (at most), and it was only on users that had that info public anyway. 

 

The "hacker" just scraped public info. The "security issue" was that there was no limit on how much info you could scrape. 

If that's the case, that explains why my email address didn't bring anything up, because I have everything set to family-only.

Link to post
Share on other sites

Is this the same or different than the 2019 Facebook data someone found for sale on the dark web?

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites
1 hour ago, Bombastinator said:

Is this the same or different than the 2019 Facebook data someone found for sale on the dark web?

According to Facebook itself the data is from 2019 and they already found and fixed the problem in August 2019, which is why they are not sweating over this new leaked info right now.

Link to post
Share on other sites

Its quite disturbing that social media sites aren't regulated yet to avoid these situations and disallow selling data, honestly it pisses me off and makes me avoid social media these days.

Link to post
Share on other sites
3 hours ago, FRD said:

According to Facebook itself the data is from 2019 and they already found and fixed the problem in August 2019, which is why they are not sweating over this new leaked info right now.

That’s a somewhat “yes and no” response.  If the data was from 2019 it’s not new data and this is not a new leak.  It’s newly found data but that is not “new leaked info” So according to Facebook it’s the old stuff.  Companies are notoriously less than trustworthy about such things.

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to post
Share on other sites

Data is old KEKW

Ryzen 7 3800X | X570 Aorus Elite | G.Skill 16GB 3200MHz C16 | Radeon RX 5700 XT | Samsung 850 PRO 256GB | Mouse: Zowie S1 | OS: Windows 10

Link to post
Share on other sites

Like I have been saying my data is most likely all out there in the wild already... It is just that my data isn't useful.... They have to scour though all the famous people only those are worth exploiting. 99% of all people's data is uselesssssss. Change your password a billion times and it will still get leak. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×