By: Jesse McCoy
What privacy?
Over the past two weeks or so, the names and telephone numbers of more than 267 million users of Facebook were leaked on the dark web, according to authorities.
A joint report by Comparitech and researcher Bob Diachenko alleges that the confidential information was exposed to public scrutiny starting back on December 4th. It popped up on a hacker forum just over a week later.
The sensitive information was taken down last Thursday, according to The New York Post, “after Diachenko informed its internet service provider about the unsecured information — but not before sitting as a download in the hacker forum for a week. The database belongs to ‘a criminal organization’ in Vietnam ‘according to the evidence,’ the researchers said. Most of the affected users — 267.1 million in total — were American.”
Comparitech said on its website that the material made available “could be used to conduct large-scale SMS spam and phishing campaigns, among other threats to end users.”
“The database was exposed for nearly two weeks before access was removed,” the company reported. “Here’s what we know:
- December 4 – The database was first indexed.
- December 12 – The data was posted as a download on a hacker forum.
- December 14 – Diachenko discovered the database and immediately sent an abuse report to the ISP managing the IP address of the server.
- December 19 – The database is now unavailable.
“Typically, when we find exposed personal data like this, we take steps to notify the owner of the database. But because we believe this data belongs to a criminal organization, Diachenko went straight to the ISP,” the firm pointed out.
In total 267,140,436 records were exposed, Comparitech said. “Most of the affected users were from the United States. Diachenko says all of them seem to be valid. Each contained:
- A unique Facebook ID
- A phone number
- A full name
- A timestamp
The server included a landing page with a login dashboard and welcome note.”
Exactly how the criminals obtained the user IDs and phone numbers “isn’t entirely clear,” the company said. “One possibility is that the data was stolen from Facebook’s developer API before the company restricted access to phone numbers in 2018. Facebook’s API is used by app developers to add social context to their applications by accessing users’ profiles, friends list, groups, photos, and event data. Phone numbers were available to third-party developers prior to 2018.”

