[BreachExchange] Millions of Facebook users have data exposed online
Destry Winant
destry at riskbasedsecurity.com
Wed Mar 11 10:07:14 EDT 2020
https://www.techradar.com/nz/news/millions-more-facebook-users-have-their-data-exposed-online
Two huge databases containing the records of over 300 million Facebook
users, including their user IDs, phone numbers and names, have been
leaked online.
The breach was detected by security researcher Bob Diachenko, who
found the first exposed database last December.
He believes that the large collection of Facebook user data was
collected by cybercriminals in Vietnam either through an illegal
scraping operation or by abusing the social network's API based on the
evidence he uncovered.
Microsoft customer support database exposed online
Facebook sues analytics firm over alleged data harvesting
Millions of Adobe Creative Cloud accounts exposed online
In situations such as this, Diachenko usually notifies database owners
first but since this data likely belonged to a criminal organization,
he notified the internet service provider managing the IP address of
the exposed server instead. Unfortunately, the leaked data was also
posted on a hacker forum where others can download it and use it to
launch phishing and other cyberattacks online.
Now, a second server containing the same data along with an additional
42m records has also been discovered, apparently operated by the same
group of cybercriminals. However, shortly after the second server was
found, it was attacked by an unknown party and the information it
stored was replaced with dummy data and database names which read
“please_secure_your_servers”.
Exposed data
The first exposed database contained 267m records and most of the
affected users were from the US. Each record contained a unique
Facebook ID, a phone number, a full name and a timestamp.
The second exposed server contained the same 267m records plus an
additional 42m records and was hosted on a US Elasticsearch server.
25M of the records it contained had similar information as that
contained in the first server but 16.8m of the new records contained
additional information including users' profile details, email
addresses and other personal details.
While it is still unclear at this time whether the data was obtained
through the Facebook API or through a process called scraping where
automated bots copy data from websites, Comparitech (who partnered
with Diachenko on this discovery) does have some recommendations on
how you can avoid having your data scraped.
To minimize the chances of having your profile scraped by strangers,
the firm recommends that users go to their Facebook settings, click on
“Privacy” and set all relevant fields from “Friends” to “Only Me”.
Additionally, users should set the “Do you want search engines outside
of Facebook to link to your profile” option to “No” to reduce the
chances of having their profiles scraped by third parties.
More information about the BreachExchange
mailing list