More than 267 million Facebook users’ IDs, phone numbers, and names were exposed to an online database that could potentially be used for spam and phishing campaigns.
Security researcher Bob Diachenko uncovered the database, according to Comparitech. The database was first indexed on December 4, but as of today, December 19, it is unavailable. Comparitech reports that before the site was taken down, the database was found on a hacker forum as a downloadable file.
Most of the Facebook users that were affected by this leak are located in the U.S., and the data included people’s Facebook IDs, phone numbers, and their full names.
Diachenko told Comparitech that the leaked data was most likely a result of illegal scraping or a hole in Facebook’s API. Scraping is against Facebook’s policies but can be easily done, especially if users have public profile settings.
Because of this, Facebook users are advised to set their privacy settings to “Friends” and set the “Do you want search engines outside of Facebook to link to your profile?” setting to “No.” Diachenko also said to be wary of suspicious, unsolicited text messages.
Digital Trends reached out to Facebook to comment on the leaked data and what they have done in response, and we’ll update this story once we hear back.
It’s not the only instance this year where Facebook had privacy mishaps. As recent as last month, private data of Facebook and Twitter users were also compromised through malicious third-party Android apps. Earlier in the month, it was found that private data of thousands of Facebook group members had been compromised.
Back in September, millions of phone numbers associated with Facebook accounts were discovered in an exposed, online database. The records reportedly contained users’ Facebook IDs and the phone number associated with each person’s account. Some records even had users’ names, gender, and location.
It is important to note that frequently changing your password and using unique passwords for different platforms are essential for online privacy and security. It’s no secret that we are bad at password management, but having better password habits can be a defense against data leaks.