Facebook Breach Results In 267 Million Phone Records, User IDs Left Out In Open

Dec 20, 2019

Social networking giant Facebook Inc is no stranger to data breaches. Earlier this year, records of at least 500 million users were found on Amazon, and in September, phone records of 219 million users were exposed on an easily accessible online server. Now, a report from Comparitech and security researcher Bob Diachenko states that 267 million Facebook accounts, user names and telephone numbers have been found sitting on an Elasticsearch server. The data is believed to be scraped off of the service by entities operating in Vietnam. Take a look below for more details.

Facebook Records of 267 Million Accounts Found On An Elasticsearch Server By Researcher In Latest Discovery Of Data Scraping

Last month we reported that a data set comprising records from 1.2 billion people was openly available on an Elasticsearch server. Elasticsearch is a popular enterprise search server, and the source of this data was believed to be data brokerages operating from California. Such firms gather user details from websites such as Facebook, LinkedIn, Twitter and GitHub, and sell this data to third parties for marketing purposes.

Today's data breach is only from Facebook and it covers phone numbers and other details of a quarter-of-a-billion users. The researchers who have uncovered today's data breach believe that the information has been compiled by malicious entities operating out of Vietnam, either through penetrating Facebook's API or through illegal scraping.

As per the details, the Elasticsearch database was indexed on December 9th, and the data on this server made its way onto a hacker forum as a download three days later, on the 12th. Within two days, Bob Diachenko discovered the database, and since it was liable to be used for criminal purposes, the researcher immediately notified the internet service provider operating the server's IP address. The service provider, which has not been named in today's report, took down the server today.

Researchers believe that the data was obtained either before Facebook made changes to its application programming interface that restricted access to phone numbers, through malicious parties breaching the company's API, or by scraping this data off of search engines. A big component of this data breach is the set of unique Facebook IDs found sitting on the server. A Facebook ID is a set of numbers associated with each unique profile, and this information can be used to accurately ascertain the account's details. The bulk of the data belongs to users within the United States.

Thoughts? Let us know what you think in the comments section below and stay tuned. We'll keep you updated on the latest.
