Phone numbers and names of more than 267 million Facebook users were leaked online, with a risk of being used for fraud



Comparitech, an IT review and research site, working with security researcher Bob Diachenko, discovered that the phone numbers and names of more than 267 million Facebook users had been published in an online database accessible to anyone. Although the database had already been deleted at the time of writing, the data has also leaked to a hacker forum, and Comparitech has warned that it is at risk of being used for SMS spam and phishing scams.

Report: 267 Million Phone Numbers & Facebook User IDs Exposed Online
https://www.comparitech.com/blog/information-security/267-million-phone-numbers-exposed-online/

Millions of Facebook user phone numbers exposed online, security researchers say - CNET
https://www.cnet.com/news/millions-of-facebook-user-phone-numbers-exposed-online-security-researchers-say/

Comparitech and Diachenko search for unsecured databases online and report data breaches and other issues. On December 14, 2019, Diachenko discovered that a large amount of Facebook user data had been published online in the form of an Elasticsearch database.

A total of 26,714,436 Facebook user records were stored in the database discovered this time, and most of the affected users were people living in the United States. Each record included a Facebook account ID, phone number, and full name. Diachenko believes that this data breach was not accidental and that the data was most likely leaked intentionally by a malicious actor.



According to Diachenko, about two weeks passed from the initial exposure of the database until it was finally deleted; the sequence from the leak of the data to the deletion of the database proceeded on the following timeline.

・ December 4, 2019: The database was first indexed.
・ December 12, 2019: The data was posted to a hacker forum in downloadable form.
・ December 14, 2019: Diachenko discovered the database and immediately sent an abuse report to the ISP that manages the IP address of the server.
・ December 19, 2019: The database was deleted.

Normally, when a researcher discovers that a database has been exposed online and personal information has been leaked, common practice is to notify the database owner first. However, Diachenko explained that he contacted the ISP directly because he judged the data breach to be obviously the work of a malicious criminal organization.


by iAmMrRob

It is not clear how the criminal obtained the Facebook account IDs, phone numbers, and other data, but they may have been stolen via the Facebook API by someone impersonating a third-party developer before 2018, when Facebook restricted developers' access to phone numbers through the API. Diachenko also pointed out that there may be security holes that allow criminals to access more detailed information even after access to phone numbers via the Facebook API was restricted.

Another possibility is that the data was collected by web scraping of profile pages published on Facebook. Although scraping, in which an automated bot copies data from web pages, violates the terms of service of most social networks including Facebook, it is difficult to actually prevent. Many people set their Facebook profile to public, but if you want to reduce the damage caused by scraping, you need to take measures such as limiting the visibility of your profile.

Comparitech warns that the phone numbers and names stored in the leaked database may be used for spam and phishing via SMS, and that Facebook users need to pay attention to suspicious text messages. Even if a sender knows personal information including your name, it is dangerous to trust them readily, because more personal information can be gathered on the basis of the leaked data.

Diachenko also points out that the criminal involved in this leak is highly likely to be Vietnamese, because the welcome page linked to the database and the login dashboard contained Vietnamese text.

in Web Service, Security, Posted by log1h_ik