Technology
267 million Facebook users’ phone numbers were illegally exposed
Millions of phone numbers publicly listed by Facebook users were shared in an online forum where hackers hang out.
A database containing more than 267 million Facebook phone numbers and user IDs were by cybersecurity firm Comparitech in partnership with security researcher Bob Diachenko.
Many Facebook users publicly list their phone numbers, but an easily accessible database like this helps malicious actors in spam and phishing schemes.
Researchers aren’t sure how the database was created. It could have been illegally compiled through an automated process called scraping, where public information is copied from the internet, in this case from Facebook profiles.
It could have also been created through the Facebook API, a tool that gives third-party developers access to user information so they can create Facebook applications. The API stopped giving access to user phone numbers in 2018, so it’s possible the data was collected before the new policy was enacted.
Researchers believe the operation was being run by a criminal organization in Vietnam.
The database was not password protected and was completely open to the public. Diachenko usually notifies the owner of an exposed database so they can secure it. However, in this case, the owners of the database were illegally maintaining it. So, the researcher directly informed the internet service provider managing the IP address of the server where the database was stored, and it was taken down on Dec. 19. Diachenko believes the illegal database was set public by mistake.
Facebook users who have their phone number set to public should be cautious of phone calls and text messages from unknown numbers, as the information could be used in spam or phishing campaigns.
Facebook has been hit with a number of issues this year. A similar database containing more than 400 million Facebook user IDs and phone numbers was in September.
While publicly scraped data is harder for companies like Facebook to stop, there were other where this information was accessed through the social network’s own developer API. For example, this past April, millions of Facebook user records, including , were discovered. The data was exposed by third-party app developers.
Comparitech recommends that Facebook users set their privacy settings to “friends” or “only me” as well as turning off the option that allows search engines to link to your profile. This will help reduce the risk of your data being accessed by third parties.
However, the cybersecurity firm notes that the only way to be sure that it never happens is to deactivate or delete your Facebook profile.
The Rabbit r1 shipped half-baked, but that’s kind of the point
Google lays off workers, Tesla cans its Supercharger team and UnitedHealthcare reveals security lapses
The greatest workout playlist demands these soundtracks and scores
Loneliness in kids: Screen time may play a role
The greatest films on Prime Video right now
ICONIQ Growth raises $5.75B seventh flagship fund
Luminar cuts 20% of staff and outsources lidar production
Apple Watch Series 9 vs. SE: A smartwatch skeptic tested both for 13 days
Google dubs Epic’s demands from its antitrust win ‘unnecessary’ and ‘far beyond the scope’ of the verdict
Apple: pay attention to emerging markets, not falling China sales
NASA discovered bacteria that wouldn’t die. Now it’s boosting sunscreen.
API startup Noname Security nears $500M deal to sell itself to Akamai
US think tank Heritage Foundation hit by cyberattack
How to watch ‘Argylle’: When and where is it streaming?
Tesla drops prices, Meta confirms Llama 3 release, and Apple allows emulators in the App Store
Meta to close Threads in Turkey to comply with injunction prohibiting data-sharing with Instagram
Tesla layoffs hit high performers, some departments slashed, sources say
Former top SpaceX exec Tom Ochinero sets up new VC firm, filings reveal
TechCrunch Mobility: Cruise robotaxis return and Ford’s BlueCruise comes under scrutiny
Consumer Financial Protection Bureau fines BloomTech for false claims
The Rabbit r1 shipped half-baked, but that’s kind of the point
Google lays off workers, Tesla cans its Supercharger team and UnitedHealthcare reveals security lapses
The greatest workout playlist demands these soundtracks and scores
Loneliness in kids: Screen time may play a role
The greatest films on Prime Video right now
ICONIQ Growth raises $5.75B seventh flagship fund
Luminar cuts 20% of staff and outsources lidar production
Apple Watch Series 9 vs. SE: A smartwatch skeptic tested both for 13 days
Google dubs Epic’s demands from its antitrust win ‘unnecessary’ and ‘far beyond the scope’ of the verdict
Apple: pay attention to emerging markets, not falling China sales
-
Business6 days agoGoogle Gemini: Everything you need to know about the new generative AI platform
-
Entertainment7 days ago2024 summer TV preview: 33 TV shows to watch this summer
-
Business4 days agoHaun Ventures is riding the bitcoin high
-
Entertainment6 days ago‘Bridgerton’: Everything you need to remember before Season 3
-
Entertainment4 days agoHands-on with the Claude AI app: It’s pleasant to use, but janky
-
Entertainment3 days agoApple Watch Series 9 vs. SE: A smartwatch skeptic tested both for 13 days
-
Entertainment4 days ago5 essential gadgets for turning your home into a self-care sanctuary
-
Entertainment5 days agoHow to unblock porn sites: Greatest VPN for porn in 2024
