309 million Facebook users’ phone numbers found online

kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
1000 Comments 500 Likes 50 Answers 100 Awesomes

Over the weekend, researchers at cybersecurity intelligence firm Cyble came across a database with 267m Facebook user profiles being sold on the Dark Web.

Looking to verify the records and add them to the firm’s breach notification service, the researchers bought it … for the grand total of £500.

That works out to USD $540 — or about 0.0002 cents — per record. The records held Facebook users’ IDs, which are unique, public numbers associated with specific accounts that can be used to figure out an account’s username and other profile info. The records also included full names, email addresses, phone numbers, timestamps for last connection, relationship status and age.

Fortunately, there were no passwords exposed, but the breach still forms a perfect tool kit for an email or text phishing campaign that looks like it’s coming from Facebook itself. If enough users get fooled into clicking on spearphishers’ rigged links, it could lead to the exposure of even more, and more valuable, data.

How did the data get leaked? In a blog post, Cyble said that it doesn’t know, but its researchers suspect that the records could have either come from a leak in Facebook’s developer API or from scraping: the automatic sucking up of publicly available data (like the kind people often publicly post on Facebook and other social networks).

To read the entire article, please click on the Source link above.

"There's a fine line between audacity and idiocy."
-Warden Anastasia Luccio, Captain
Sign In or Register to comment.