Personal data that belonged to more than 500 million Facebook users have been leaked online through a popular data marketplace forum that has previously listed databases from a Malaysian payment platform, e-commerce merchant, and the national electoral roll up for sale.
Over 11 million Malaysian Facebook users are said to be part of this leak which was first highlighted by Alon Gal, who is the Co-Founder and CTO of Israelian cybersecurity company, Hudson Rock. He pointed out that the leaked database contains not only users’ Facebook ID but also their phone number, full name, birthday, account creation date, relationship status, and bio.
It also contains their current and past location while some accounts also have their e-mails present in the leaked database. A sample of the data has since been verified as legit by Business Insider who has matched them with phone numbers and e-mail addresses of known users.
This is not the first time that this particular Facebook database has leaked online though. Alon has actually highlighted it back in January but at that time, it was being presented through a Telegram bot and one has to pay for credits in order to obtain information from the leaked database.
This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019. https://t.co/mPCttLkjzE
— Liz Bourgeois (@Liz_Shepherd) April 3, 2021
Now, the data is generally being made available for free (if you were active enough in the marketplace forum) which means that the barrier is significantly lower than before. However, the Director of Strategic Response Communications for Facebook, Liz Bourgeois has tweeted out that the data came from an old security issue that the company had fixed back in 2019.
That being said, many of the details within the leaked database can’t really be considered “old” though. Hence, they seemed rather ripe and ready to be exploited by crude marketers, scammers, and hackers.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
With that, you may want to take the appropriate measures to protect yourself against possible fraud, phishing, or social engineering attempts using the information provided by the database.