Facebook data leak has become rather common and on Saturday, April 4th, 2021, security researcher Alon Gal broke the news on Twitter that there has been yet another massive data breach on Facebook and was posted for free on the internet. The insider, a popular business online magazine subsequently verified this claim.
“Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set. We also verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.”- The Insider
The recent data breach is one of the biggest and comprehensive Personal data breaches of Facebook users. The leaked data is said to include personal information such as phone numbers, Facebook IDs, full names, locations, birthdates, bios, and in some cases email addresses from over 533 million Facebook users from 106 countries. Surprisingly, the data leak also includes that of Facebook CEO Mark Zuckerberg.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
Potential Consequences
The Facebook leaked data has been posted on a hacking forum for free, this makes it widely available to anyone who has the required skills to tap into it and target individuals of choice.
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Gal told Insider.
Now what?
While Facebook users do not have control over the already leaked and acquired data, it is worthy of note that users’ passwords were not leaked although the data leaked are still very tangible, hence users are advised to be wary of people who contact them about there personal information and request that they click a link or supply their password (Social Engineering).
In addition, there is now a tool that can help you check if your data is among those that were leaked, I explained it here