Massive Facebook Leak Exposes Personal Data of 267 Million Users
Here we go again. Hardly a month goes by without news of a Facebook scandal. The latest sees the user data, including names and personal numbers, of 267 million users, exposed for anyone to find.
This is yet another mess up from a company that so recently rebranded and claimed to be refocusing on user privacy.
Yet another privacy mishap
Over 267 million Facebook users have been affected by the new data leak, which has exposed phone numbers, names, and users' IDs, Comparitech reports.
The leaking of this type of data leaves users vulnerable to spam and phishing campaigns that use personal info to act send malicious emails and messages aimed at retrieving more data from users.
The leak was uncovered by security researcher Bob Diachenko. The database is now unavailable after being flagged by the researcher. However, the damage may have already been done. As Comparitech reports, the database was found on a hacker forum as a downloadable file.
As Digital Trends reports, most of the Facebook users affected by the leak are located in the U.S.
The data leak was likely the result of illegal scraping or a hole in Facebook's APO, Diachenko says. Though scraping goes against Facebook's user agreement, it is a process that can be easily carried out, especially on users that have their account settings set to 'Public'.
Facebook users are therefore advised to set their privacy settings to 'Friends'. Importantly, they should also set the 'Do you want search engines outside of Facebook to link to your profile?' setting to 'No.'
Facebook users are also advised to be wary of any unsolicited suspicious messages as these may have been sent by hackers that obtained their data via the leaked information download.
As already mentioned, these days it feels like a month without a Facebook scandal is the exception to the rule. Last month, private data of Facebook and Twitter users were compromised via malicious third-party Android apps. Earlier this month, it was revealed that third-party devs had improperly accessed private data of users.