Sensitive personal information of more than half a billion Facebook users leaked on a busy hacking forum earlier today – a potential risk to millions of traders, according to a security analyst. and cryptocurrency hodlers who can now be vulnerable to the exchange of SIM cards and other identities. based attacks.
The wealth of information was first uncovered by Alon Gal, chief technical officer of security firm Hudson Rock, who posted on Twitter about the leak earlier today:
The 533,000,000 Facebook records have been disclosed for free.
This means that if you have a Facebook account, it is highly likely that the phone number used for the account has been leaked.
I have yet to see Facebook recognize this absolute neglect of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
– Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
According to Gal, the leak is linked to a security breach first discovered in 2019. In January 2021, it was learned that hackers could use the information to gain access to the user’s phone numbers; the leak has now expanded to include “phone number, Facebook ID, full name, location, past location, date of birth, (sometimes) email address, date the account was created, relationship status, biography. “
According to Gal, the information could now allow hackers and crooks to deploy a variety of exploits of social manipulation and other nefarioustactics:
“Bad actors will certainly use the information for social engineering, scam, hacking, and marketing purposes.”
Cryptocurrency users are particularly vulnerable to such attacks. Earlier this year, a victim of a SIM swap attack sued cellphone company T-Mobile for $ 450,000, and in 2018 Kaspersky Labs discovered that hackers were able to steal 21,000 ETH, currently worth over $ 43 million, in 12-month social engineering attacks.
The data breach is also an order of magnitude larger than the ledger breach at the end of last year. Shortly after more than 270,000 user information leaked online, users reported extortion threats and considered legal action against the hardware holding company.