The phone numbers and personal data of more than 500 million Facebook users has been posted online by a low-level hacker in a forum for free.
Alon Gal, CTO of Hudson Rock, a cybercrime intelligence firm first discovered the leak on Saturday.
Head of Facebook Canada warns news posts could be blocked as last resort
“All 533,000,000 Facebook records were just leaked for free,” he wrote in a tweet. “This means that if you have a Facebook account, it is extremely likely the phone number used for that account was leaked.”
Facebook acknowledged the news in an emailed statement Saturday afternoon, but said the data was obtained during a breach in 2019.
“This is old data that was previously reported on in 2019,” a Facebook spokesperson said. “We found and fixed this issue in August 2019.”
Big Tech CEOs testify on spread of misinformation, extremism online before Congress
However, according to Gal, the vulnerability allowed hackers to see the phone numbers and other personal information of Facebook users.
“It was severely under-reported and today the database became much more worrisome,” he wrote.
By Gal’s count, 3,494,385 users in Canada were affected.
Global News has reached out to Facebook to confirm how many accounts have been affected in Canada and to determine how the company is handling the leak, but did not immediately hear back.
However, Gal said user’s phone numbers, full names, locations, birthdate, email addresses, and relationship status are among the details leaked.
Why Facebook banned news in Australia
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” he wrote.
© 2021 Global News, a division of Corus Entertainment Inc.