(dpa) – Once again, the personal information of hundreds of millions of Facebook has surfaced online, following a new data leak that threatens to unleash a wave of sophisticated email scams relying on these stolen contact names.
The IT security firm Hudson Rock said it found data of 533 million Facebook users, mostly from the US, in an online forum for hackers, according to a Business Insider report.
This information includes phone numbers, email addresses, the names of the cities in which users live and their birthdays. The leak even contains the phone number of founder and chief executive Mark Zuckerberg, as IT security expert Dave Walker noted.
Facebook issued a short response to the report: “This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019,” a spokeswoman for social media giant wrote on Twitter.
Old or new, the problem a serious one for Facebook users, as once stolen user data gets online, it is almost impossible to stop it from spreading. The personal information of hundreds of millions of Facebook members that was stolen years ago is still in circulation.
Ireland’s Data Protection Commission in Facebook’s European headquarters in Dublin said it received “no proactive communication from Facebook,” and that the company said “extensive investigation” was still needed to find out how the data was leaked.
Beside the infringement on user privacy, the leak also brings a major risk of scams and additional hackings.
When personal information like email addresses and phone numbers become widely available to hackers, it makes it easier to trick people into falling for phishing emails because they can be made to look more authentic.
In other words, you will probably not send money to a Nigerian prince asking for help, but you may well do so if a would-be friend or relative is asking for emergency funds.
Experts now say users need to stay alert, as “cybercriminals could use the information for spam messaging, phishing email, identity theft, or other nefarious purposes,” according to computer security company Norton.
Facebook has 2.8 billion users who are active at least once a month, according to recent data.
In 2019, the phone numbers of 420 million users surfaced online after a friend search function was misused to steal data. Although the phone numbers stored on Facebook were not openly visible, they could be assigned to individual users and harvested on a large scale via automated queries – a technique known as “scraping”.
Even if, as Facebook says, the latest leak comes from old data, many people keep the same email addresses and phone numbers for years.
Scraping has become a problem for Facebook time and again. In 2018, for example, the online network had to admit that all publicly accessible data of more than 2 billion users may have been collected by hackers.
Later, there were data protection debates about the company Clearview AI, which collected publicly visible images from Facebook’s photo platform Instagram, among others, and used this to compile a facial recognition database. Among Clearview AI’s clients are US police agencies.