11 Million+ M’sian Facebook Users’ Personal Data Incl. Phone No., Birthday, Email, Relationship Statue Leaked
More than 500 million global Facebook user’s personal data were leaked online through a popular data marketplace forum and Malaysia has over 11 million users said to be a part of this leak.
The leak was first highlighted by Alon Gal, co-founder and CTO of Israeli cybersecurity company, Hudson Rock.
He pointed out that besides users’ Facebook ID, the leaked database also contains their phone number, full name, birthday, account creation date, relationship status and bio.
What’s more alarming is that it contains past and present location, with some accounts having their emails present in the leaked database, according to a report by Lowyat.net. The same report also mentions that a sample of the data has since been verified as legit by Business Insider.
All 533,000,000 Facebook records were just leaked for free.
This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.
I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021
Facebook databases have been leaked several times in the past, and Alon originally pointed this out in January although the leaked database was presented by a Telegram bot and that required payment at the time.
Now, the data is mostly made available for free, especially for those active in the marketplace forum. However, Liz Bourgeois, Director of Strategic Response Communications for Facebook said the data came from an old security issue and was fixed in 2019.
This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019. https://t.co/mPCttLkjzE
— Liz Bourgeois (@Liz_Shepherd) April 3, 2021
While that information came from someone who works at Facebook, Lowyat.net notes that these leaked data can’t be considered old and seemed ready to be exploited by scammers, hackers and the like.
Although this seems rather obvious, we should take appropriate measures to secure ourselves from fraud, phishing, identity theft or any cyber attack.