Facebook’s Bad Day Gets Worse: Billions of Accounts Hacked, User Data Sold
Facebook’s stocks continued to drop throughout Monday afternoon after the social media platform and its sister ventures Instagram and WhatsApp crashed earlier in the day without an official explanation and no end in sight. Several domain registration portals even had Facebook.com available for sale not long after the apps went down, leading to speculation among tech and cybersecurity experts that something very shady may be going on inside Facebook’s headquarters.
Now we are learning that billions of user accounts were hacked and that their information was sold on the black market by data scrapers.
According to a Privacy Affairs report, “the private and personal information of over 1.5 billion Facebook users is being sold on a popular hacking-related forum, potentially enabling cybercriminals and unscrupulous advertisers to target Internet users globally” in the “biggest and most significant Facebook data dump to date.”
Per Privacy Affairs:
Data scrapers are selling sensitive personal data on 1.5 billion Facebook users.
Data contains users’: name, email, phone number, location, gender, and user ID.
Data appears to be authentic.
Personal data obtained through web scraping.
Data can be utilized for phishing and account takeover attacks.
Sold data claimed to be new from 2021.
At best, this constitutes a gigantic breach of privacy, rather than a security lapse, Privacy Affairs explained.
“The traders claim to have obtained the data by scraping rather than hacking or compromising individual users’ accounts. Scraping is a process of web data extraction or harvesting where publicly available data is accessed and organized into lists and databases. While technically, no accounts have been compromised, this is little solace to those whose data may now end up in the hands of unscrupulous internet marketers and likely also in the hands of cybercriminals,” the site said, adding that “unethical marketers may utilize this data to bombard specific individuals or groups of individuals with unsolicited advertising. The fact that phone numbers, real-life location, and users’ full names are included in the data is especially concerning. In addition, SMS and Push notification spam are becoming increasingly more prevalent even though most countries made these practices illegal many years ago.”
All of this occurred in the hours that followed a former employee-turned-whistleblower’s bombshell revelations to CBS News’s 60 Minutes on Sunday night that the platform knowingly lied to the public about its endeavors to combat hate speech, threats of violence, and misinformation.