Stolen Facebook data of seven million Aussies leaked

© Provided by Daily Mail
MailOnline logo

The publication of stolen personal Facebook data is expected to lead to an increase in phishing scams and online fraud – and experts say it’s ‘extremely likely’ your phone number is included if you have an account.

The data – which includes phone numbers, names, location details, birthdates, email addresses, relationship statuses and bios of 533 million Facebook accounts from 106 countries – was stolen in 2019 when the social media giant did a security upgrade.

But the data was dumped for free in a hacker forum over the Easter long weekend – including the details of 7,320,478 Australian Facebook users.

© Provided by Daily Mail
Facebook CEO Mark Zuckerberg’s cell phone number is among the leaked personal data from 533 million users of the site posted online by hackers

© Provided by Daily Mail
The data – which includes phone numbers, names, location details, birthdates, email addresses, relationship statuses and bios of 533 million Facebook accounts from 106 countries – was stolen in 2019 when the social media giant did a security upgrade

Even if you did not have a phone number visible on your Facebook account, the data can still be traced because in many cases it is used in the ‘back end’ if you need to quickly reset your password. 

‘This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,’ tweeted Alon Gal, Chief Technology Officer for cybercrime company Hudson Rock.

It is understood Facebook founder Mark Zuckerberg’s own personal details were leaked.

Zuckerberg’s name, location and marriage information, date of birth and Facebook user ID were published on the hacker forum. 

Experts say the data publication will almost certainly lead to increases in various cybercrimes – criminals looking to scam, defraud or steal money via not just websites but also email, text messages and even phone calls.

© Provided by Daily Mail
Computer servers that store users’ photos and other data are seen at the Facebook site in Prineville Oregon in a file photo. Details from more than 500 million Facebook users have been found available on a website for hackers

A common approach tactic is when someone contacts an unsuspecting member of the public asking them to verify their identity by clicking on a link.


Load Error

‘These types of phishing attempts remain the most recurrent type of scam in Australia, and so individuals should always be wary of any communication whether that is in the form of email, text message, social media, or via a phone call, from someone they do not recognise,’ Crispin Kerr, vice president of cyber security firm Proofpoint told the Australian Financial Review.  

While Facebook did not leak the data, experts blame it for not adequately securing people’s personal information.

‘I have yet to see Facebook acknowledging this absolute negligence of your data,’ Mr Gal said.

A Facebook spokesman said in a statement to ‘This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.’ 

‘Facebook knew about this in 2019, but at the time the data was very very hard to get a hold of,’ Josh Lemon, a digital forensics expert from Ankura told the AFR.

But that changed when a user in a hacking forum tried to sell the data in January, and at Easter when the entire database of stolen Facebook personal data was posted on the same website for free.

Mr Lemon said the release of data could prove very serious if criminals or stalkers attempted to track someone who was under protection.

© Provided by Daily Mail
The database appears to be the same set of numbers circulating in hacker circles since January, according to Alon Gal, co-founder of Israeli cybercrime intelligence firm Hudson Rock

What is a ‘phishing’ scam? 

Phishing scams are attempts by scammers to trick you into giving out personal information such as:

How do they work?

A scammer contacts you pretending to be from a real business such a bank, telephone or internet provider. 

You could contacted by email, social media, phone call, or text message.

 What might the scammer ask?

For you to provide or confirm your personal details.

They could claim your bank or is verifying customer records due to a technical error. 

They might even offer you a prize to fill out a survey. 

The scammer may already have your credit card number and ask you to confirm your identity by quoting your 3 or 4 digit security code. Do NOT do this.

Warning signs:

What to do if you have been scammed?

If you think you have provided your account details to a scammer, contact your bank or financial institution immediately.

Find more information here

Source: ACCC/Scamwatch 


Read more

Source: Thanks