533 Million Facebook users' Personal Data Leaked To The Internet

Gaining users and maintaining them is one thing. The next, is keeping that data safe.

Online platforms that gather and collect user data, are responsible for keeping their users' personal data private. This is because people who signed up to online platforms, trust the platforms with their data.

Facebook is the largest social media network the world has ever seen. In the past, the company's reputation has been stained with multiple data leaks, and not to mention, the famous Cambridge Analytica scandal.

This time, the personal details of 533 million Facebook users from 106 countries, including phone numbers, Facebook IDs, full names, gender, locations, birthdates, occupation, relationship status, phone numbers and email addresses, have reportedly been posted on a forum for hackers.

Reports on the matter even suggest that the personal phone number of Facebook CEO Mark Zuckerberg, and co-founder Dustin Moskovitz, were among the personal information leaked online in a low-level hacking forum.

The leak was first discovered by Alon Gal, the Chief Technology Officer of cybercrime intelligence firm Hudson Rock.

Gal reported that a data dump this big would "certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts."

This kind of leak can cause huge catastrophe, because the data is very valuable to those hackers and cybercriminals who engage in identity theft campaigns.

More of less, the leak includes most pieces of information data cybercriminals spend their time searching online to perform social engineering attacks. With the leak, everything they need is put into once place, and is easily accessible.

It should be noted though, that the data is sort of old, and that according to a spokesperson at Facebook:

According to reports, some of the data was originally sold in private sales back in 2019, when hackers managed to collect information of users by exploiting a bug in the 'Add Friend' feature on Facebook.

Facebook had fix this issue soon after it was discovered. However, cybercriminals kept circulating the data, until many of which are gathered by other data, to create this massive database, which was then finally released practically for free in a “low level hacking forum.”

In this leak, if each record represents a single Facebook user, this means that roughly 19% of the social media giant’s 2.8 billion individual profiles had their personal information compromised.

This kind of leak is an example of challenges internet companies face with regards to user data and privacy.

Facebook is one of the largest internet companies ever, the for more than too many times, the social media failed to protect its users' data from leaks.

The 533,313,128 user data being leaked was initially on sale for $30,000.

Later, another threat actor created a a private Telegram bot that allowed people to pay to search through the alleged leaked data, And following this, the leak has then been released for free on the same hacker forum for eight site 'credits,' a form of currency on the hacker forum, equal to approximately $2.19.

This happened because of the hype that is created by the leak.

When it was first put online, cybercriminals can sell them at exorbitant prices, simply because the demand is high.

For a leak this scale, the demand was extremely high that the hacker forum had to even block most traffic to the forum thread "to protect itself from online attacks."

But as more people get hold of the data, the demand lowers.

At this time, it's common for the cybercriminals to lower and lower the prices until they are eventually released for free, as a way of earning reputation within the hacker community.

"As is the case every time, people began to sell for cheaper and cheaper until it leaked for free," Gal said.