Phone numbers and names of more than 267 million Facebook users leaked online, risk of being used for fraud
Comparitech, which performs IT-related reviews and surveys, worked with security researcher Bob Diachenko and discovered that the phone numbers and names of more than 267 million Facebook users were publicly available in a publicly accessible online database. At the time of writing, the database had already been deleted, but the data had been leaked to hacker forums, and Comparitech warned that it could be used for SMS spam and phishing scams.
Report: 267 Million Phone Numbers & Facebook User IDs Exposed Online
Millions of Facebook user phone numbers exposed online, security researchers say - CNET
Comparitech and Diachenko are working to find unsecured databases online and report issues such as data leaks. On December 14, 2019, Diachenko discovered that a large amount of Facebook user data had been published online as an Elasticsearch database.
The database discovered this time appears to have stored data on a total of 26,714,436 Facebook users, and most of the affected users were people living in the United States. Each record included a Facebook account ID, phone number, and full name. Diachenko believes that the data leak was not accidental, but was likely to have been caused intentionally by a malicious person.
According to Diachenko, it took about two weeks from when the database was exposed to when it was finally deleted, and events progressed along the following timeline from data leakage to database deletion.
・ December 4, 2019: The database is first indexed.
・ December 12, 2019: The data is posted to a hacker forum in a downloadable state.
・ December 14, 2019: Diachenko discovers the database and immediately sends an abuse report to the ISP that manages the server's IP address.
・ December 19, 2019: The database is deleted.
In general, when a database is found to have been published online and personal information has been leaked, it is common practice to first notify the database owner. However, Diachenko explained that he contacted the ISP directly because he believed that the data breach was apparently caused by a malicious criminal organization.
It is not clear how the culprit obtained the Facebook account IDs, phone numbers, and other data. Facebook restricted access to phone numbers through its developer API in 2018; before that, the data could have been stolen via the Facebook API by someone posing as a third-party developer. Diachenko also points out that there may be security holes that could allow criminals to access more detailed information even after the Facebook API restricted access to phone numbers.
Information such as the phone numbers and names stored in the leaked database may be used for spam and phishing scams via SMS, and Comparitech is sounding the alarm that Facebook users need to pay attention to suspicious text messages. Even if the sender knows personal information such as your name, it is dangerous to trust the message easily, because it is possible to gather more personal information based on the leaked information.
Diachenko points out that the culprit involved in the leak was likely to be Vietnamese, because Vietnamese was included in the welcome page and login dashboard linked to the database.