Files containing the personal data of 533 million Facebook users appeared this Saturday on a small hacking forum. The data includes phone number, full name, Facebook ID number, current and previous location, date of birth, email, date of creation, relationship status, and biography. What sets this breach apart is that it includes hundreds of millions of telephone numbers linked to their owners, including 10.8 million Spanish users and others from Latin American countries.
In January, this data was being sold through Telegram: a bot in the messaging application offered these users' mobile numbers in exchange for payment. This Saturday, Alon Gal, the technical director of the cyberintelligence company HudsonRock, found the complete database available for free.
Facebook says the data stems from a flaw patched in 2019, so the leaked information is at least a couple of years old. It is likely, however, that many of those phone numbers are still active. The company has not yet clarified whether it notified those affected that their data was exposed or whether it plans to do so. EL PAÍS has asked Facebook for further clarification, so far without a response. In 2019, Facebook warned of the leak of a database with more than 400 million phone numbers alongside the users' Facebook identification numbers. The files that have now appeared include much more detail.
The danger of this data goes beyond the hacking of Facebook accounts, since in principle no passwords are affected. The combination of personal data makes social engineering attacks, such as phishing, easier. Receiving a generic SMS about a fake postal package is not the same as receiving one addressed to the recipient by name, with their date of birth or other personal details.
The database contains user information from 108 countries around the world. Australian Troy Hunt, creator of Have I Been Pwned, a site that collects leaked email addresses so people can find out whether an account has been affected, has already loaded this dataset into his site. The relatively good news is that only 0.5% of users in this Facebook breach had their email address exposed, according to Hunt. He is now evaluating whether to include phone numbers on his website to warn users that their phone number may be in the hands of cybercriminals.
In his thread, Hunt says he has heard of more cases of SMS messages personally addressed to victims, although he has no proof that they are associated with this breach. In an analysis focused on Spanish files, these are the figures found by the @ciberpolies account.