Personal details of more than 500 million Facebook users, including 6 million people in India, have been leaked by cybercriminals online.
The leaked data has been posted for free on hacking forums and includes date of joining, place of work, names, gender, occupation and relationship status of users.
Responding to the leak, a Facebook spokesperson said that this is old data that was previously reported in 2019. “We found and fixed this issue in August 2019”.
The database, first leaked in 2019 was sold on Telegram for $20 per search, after which Facebook announced that they had addressed the leak. In January 2021, the database was leaked for the third time (after another leak on June 2020), with the vulnerability that allowed for the search of users’ contact number.
How to Check If Your FB Data Has Been Leaked?
- 01/03Search your username on ‘haveibeenpwned’.com and click on ‘pwned?’(Photo: The Quint)
- 02/03If your data has been breached a message stating ‘ oh no-- pwned! will appear on the website.(Photo: The Quint)
- 03/03You will now be able to check for the breaches you were pawned in.(Photo: The Quint)
In order to check if your personal data was compromised, you can visit a website called ‘Have I Been Pwned’.
Sharing his thoughts, Cyber Security Researcher Sourajeet Majumder told The Quint,“haveibeenpwned.com collects and analyses hundreds of database dumps and allows users to search for their own information by entering their username or email address”.
According to Troy Hunt, Founder, Pwned.com the website has been updated and it now holds the 533M Facebook data which was leaked and users can check if their data was included in this breach.
How Can You Stay Safe From A Data Breach?
There is nothing one can do when their private data gets leaked in massive breaches. It's the organisation who needs to be held responsible for the mishap.
“Users can however stay alert from potential 'phishing links', 'spam calls' , 'social engineering' attacks which they might need to face as consequences of this massive breach,” said Majumder.
Internet Researcher Rajshekhar Rajaharia told The Quint that passwords and financial details are not available in the database. Some personal information details are easily available .
How Can Cyber Criminals Use This Data?
Data leakages are goldmines for cyber criminals. By using the freely available data cyber criminals can scam users or even impersonate them online.
“Facebook breach leaked phone numbers, Facebook user ID, full name, location, past location, birth date, email address, account creation date, relationship status, and bio information which is enough to track down a person. Criminals can run targeted ‘Phishing Campaigns’against users which can be fatal,” added Majumder.
Are Data Leaks Common?
Data leaks have become very common of late. Recent data breaches such as alleged Mobikwik data breach and the Acer data leak among others are gaining massive traction primarily for two reasons, explains Majumder:
- Independent Security Researchers from all parts of the world have become active and are trying their best to create a secure online environment for all and thus pointing out these breaches which normally most organisations want to hide.
- People are slowly becoming conscious about their own data privacy and are being vocal about it and thus these breaches are being publicly discussed.