Facebook data of around 533 million users have been posted on the dark web lately of which 6 million belongs to Indians. This had been reported by various news outlets and a cyber-threat intelligence firm.
The Facebook data that had been exposed contains the Facebook identification numbers, profile information, location data, emails and more, stated a report in The Record, published by Recorded Future, a cyber threat intelligence firm. It mentioned that it had conducted a cursory review of the stolen information displaying a screenshot of a forum user bearing an anime-styled user icon and announced that the data had been made available.
However, Facebook did not respond to the request for comment immediately. But later told The Record that the stolen data was old and had previously been reported back in 2019. They said that they had discovered and fixed the issue in August 2019.
The cyber security firm had revealed that still, the stolen Facebook data from users across the world are widely available for download.
“There is a massive market … for buying and selling personal records and personal information,” Recorded Future’s Israeli CEO Christopher Ahlberg told TheStreet on Sunday in a brief phone interview.
Although the information had been stolen in 2019, much of the data had been yet valuable to the cyber criminals, stated Ahlberg.
“You don’t give your Social Security number to Facebook,” he said, and credit card information would be outdated by now, even if it was given. But, he said, users do often give lots of other information that would be of use, especially when combined with other hacked data.”
“It’s unlikely that someone is going to change their name or phone number” over the past two or three years, he pointed out.
Additionally, he stated that the spilling of an old and massive data hack reveals how data can be vulnerable once it gets stolen. Business Insider had earlier reported the resurfacing of the data. It accredited Anon Gal of the Hudson Rock, a cybercrime intelligence firm, for discovering the information on a forum.
The only way to find out the posting of such information on the internet is from the companies that search the dark web for the people aiming to sell them, mentions Ahlberg. According to The Record, a hacker took advantage of a vulnerability of the Facebook contacts importer feature. It had noted that Facebook detected the automatic process after which it plugged the hole.
“Some dude was coming out to sell this,” said Ahlberg. “Somebody was selling this and what people will do is they will regurgitate old things.”
A Twitter user had also posted a link to the alleged Facebook data dump online of the affected users, which cannot be verified independently at the moment. The link bears download options against a couple of countries to check the text files and search your names and simultaneously take safety precautions.
Source: The Street
Disclaimer: Read the complete disclaimer here.