A hacker belonging to what has been described as a low-level cybercriminal forum was recently discovered to be selling the phone numbers of Facebook users at US$20 (~RM81) a pop. To further simplify the process, he even created a Telegram bot to act as a search function for said phone numbers.
The discovery was made by a Twitter user by the name of Alon Gal (@UnderTheBreach), co-founder and CTO of the cybersecurity company, Hudson Rock. What Gal found more worrisome than the Telegram bot is the database contained the phone numbers of more than 500 million users, spread across the world and countries that have access to the social network. Gal even went out of the way to compile the affected numbers based on countries and posted them on his Twitter account.
As to how the Telegram bot works, Motherboard explains that it finds the mobile number of Facebook users upon query. Once found, the number is redacted until the user who wants said number ponies up the “credits” for it. That said, one credit is worth US$20, and the service even gives special offers and discounts, such as 10000 credits for US$5000 (~RM20242).
Few days ago a user created a Telegram bot allowing users to query the database for a low fee, enabling people to find the phone numbers linked to a very large portion of Facebook accounts.
This obviously has a huge impact on privacy. pic.twitter.com/lM1omndDET
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
There is a silver lining (of sorts) to this story; Gal says that the data obtained by the hacker is several years old, so it’s likely that some of the numbers listed by the Telegram bot are either outdated or no longer in use. Be that as it may, it’s still worrying that our numbers can still be dredged from the internet en masse.
Axl Tan contributed to this article.