Half a billion people just had their Facebook data leaked

Published at: April 3, 2021

According to a security analyst, sensitive personal information for over half a billion Facebook users was leaked on a well-trafficked hacking forum earlier today — a potential risk to millions of cryptocurrency traders and hodlers who now may be vulnerable to sim swapping and other identity-based attacks. 

The trove of information was first discovered by Alon Gal, CTO of security firm Hudson Rock, who posted on Twitter about the leak earlier today:

All 533,000,000 Facebook records were just leaked for free.This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8

— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021

According to Gal, the leak is related to a security vulnerability first discovered in 2019. In January 2021, it became known that hackers were able to use the information to access user's phone numbers; the leak has now expanded to include “Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.”

According to Gal, the information could now enable hackers and scammers to deploy a variety of social manipulation exploits and other nefarioustactics:

“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing.”

Cryptocurrency users are at particular risk of such attacks. Earlier this year, a victim of a sim-swapping attack sued mobile phone company T-Mobile for $450,000, and in 2018 Kaspersky Labs found that hackers were able to steal 21,000 ETH, currently worth over $43 million, in social engineering attacks over a 12-month period. 

The data breach is also orders of magnitude larger than the Ledger breach late last year. Shortly after over 270,000 users’ information was leaked online, users reported extortionist threats, and considered lawsuits against the hardware wallet company. 

Tags
Related Posts
Crypto wallets: An important battlefront to gain wallet share and mind share
Digital wallets are software constructs that mimic physical wallets and provide the functionality of storing, using and categorizing payment instruments. The journey of digital wallets started with payments and morphed to other forms of stubs such as digital passes, tickets and boarding passes. However, crypto wallets attempt to redefine the digital wallet landscape as something more than safe storage of payment and crypto instruments. With more than 100 crypto wallets and growing, this sector in the cryptosphere is getting crowded and adding further complexity to an already fragmented blockchain and digital asset space. As I study this space and try …
Decentralization / Aug. 29, 2021
‘DeFi done right’: Layer-one protocol launches mainnet
A decentralized finance protocol has launched its mainnet — describing it as a crucial step on the journey to a frictionless financial future. Radix, which describes itself as a platform for smart money, is also launching Instapass with its Olympia mainnet — an optional user and developer service that delivers the world’s first single sign-on solution for building compliant DeFi. The Radix mainnet is being positioned as a generational improvement in the history of decentralized ledger computing — and one that delivers 100 times more executional efficiency than the Ethereum Virtual Machine. This comes hot on the heels of the …
Decentralization / July 29, 2021
Cointelegraph announces the Top 100 Notable People in Blockchain 2021
Let’s get one thing out of the way: You will not agree with every selection on the Cointelegraph list of the Top 100 Notable People in Blockchain. In fact, you will almost certainly disagree, vehemently, with many of the people we’ve included on this year’s list. You will rage at the inclusion of [insert comedy villain here] and the exclusion of, say, Charles Hoskinson. Particularly if you are indeed Charles Hoskinson. You will seethe at the fact that Arthur Hayes is nowhere to be found. (We looked.) You'll eat your own... words because you once tweeted that John McAfee was …
Decentralization / Feb. 1, 2021
Bank of International Settlement calls the rise of decentralized finance 'an illusion' in latest quarterly review
On Monday, the Bank of International Settlement, or BIS, a financial institution owned by central banks worldwide, published a report scrutinizing the development of the decentralized finance, or DeFi, industry. The article opened by saying, "There is a "decentralization illusion" in DeFi since the need for governance makes some level of centralization inevitable, and structural aspects of the system lead to a concentration of power." It continued: If DeFi were to become widespread, its vulnerabilities might undermine financial stability. These can be severe because of high leverage, liquidity mismatches, built-in interconnectedness and the lack of shock absorbers such as banks.' …
Decentralization / Dec. 6, 2021
Self-regulatory orgs for crypto keep ecosystem afloat pending clear regulations
The crypto market is growing at a rapid pace, with governments and various regulatory bodies actively trying to study and keep up with the growth. While many policymakers around the globe have come to realize that banning the crypto market is not an option, many are yet to come up with a formidable framework to regulate the nascent market in their respective countries. Even some of the most crypto-friendly countries have only managed to regulate parts of the crypto market such as crypto trading while a significant chunk of crypto-related activities still remains a gray area. Thus, for a rapidly …
Decentralization / June 9, 2022