Hackers selling 267 million Facebook records on hacker forum

Currently, the trove of 267 million Facebook records are being sold for around $600 on the hacker forum.

Facebook has more than 2.5 billion monthly active users and when its data is breached, that’s bad news for everyone. Today is one of those days where personal data of millions of unsuspected users has been put at risk.

In December 2019, reported that a misconfigured Elasticsearch server exposed the personal information of 267 million (267,140,436) users. These records mostly belonged to users in the United States and included Facebook profiles, full names, a unique ID for each account and timestamp, etc.

Don’t be surprised, 70% of the US citizens are active on Facebook which means that out of the country’s total population of 327.2 million, roughly 232.6 million people are on Facebook.

Now, it seems like the same database is being sold on a hacker forum, has learned.

Yes, according to IT security firm Cyble, hackers are selling 267 million records of Facebook users on a hacker forum. Cyble is the same company who a few days ago discovered half a million authentic Zoom accounts being sold on the dark web.

The sold data includes their Facebook profile links, full names, email addresses, phone numbers, age, date of birth, status as in whether the user is active on the site or not, gender, city, and addresses, etc.

Screenshot of Facebook sample data Cyble provided to

Currently, the database is being sold for £500 (€575 – $625). What’s worse is that researchers bought and analyzed the data which turned out to be legitimate. However, the good news is that these records do not contain user passwords but the type of data being sold data is enough to carry out phishing and malware scams against victims.

Screenshot of the listing Cyble provided to

It is noteworthy that the database exposed last year also didn’t contain user passwords, though, it didn’t have any email addresses either. Nevertheless, the damage has been done and already crippling Facebook will have to issue yet another data breach notification but that’s business as usual for the social media giant.

In an exclusive conversation with CEO and Founder of Cyble, Mr. Beenu Arora told that,

At this stage, we are not aware of how the data got leaked at the first instance, it might be due to a leakage in third-party API or scrapping. Given the data contain sensitive details on the users, it might be used by cybercriminals for phishing and spamming.

Beenu also advised users to tighten their privacy settings on their Facebook profiles, and be cautious of unsolicited emails and text messages.

Since Facebook is now new to data breaches and security mishaps, in March 2019, it was revealed that the company stored 600 million user passwords in plain text that were exposed to more than 20,000 employees.

On April 4th, 2019, in another incident, private data of 540 million Facebook users in plain text was exposed to the public due to an unprotected Amazon Web Services (AWS) S3 bucket in plain text April 4th, 2019. The list goes on…

For your peace of mind, you can know if you have been compromised in data breaches by entering your email address on services like Have I Been Pwned and Am I Breached. They will also let you know the specific data breaches that led to the compromise in question allowing you to take targeted prompt action.

You Might Also Like