December 24, 2019

Credentials of 267 million Facebook users exposed

[ By Kavita Krishnan ]


In the latest case revolving around data breach this year, personal data of 267 million Facebook users was exposed online on a database. Earlier this year, data of 49 million Instagram users and 419 million Facebook users was exposed in databases online.

According to a report by Comparitech and security researcher Bob Diachenko, personal data consisting of user IDs, phone numbers and names of 267,140,436 Facebook users was left exposed on a database online. This database could be accessed by anyone on the web without a password or any form of authentication and hence, it could be used for SMS spams and phishing attacks. Also, the data of those 267 million Facebook users, apart from being available on the database was also posted on a hacker forum for anyone to download.

On receiving information about the data leak, Diachenko contacted the internet service provider so that the accesses to the IP address of the database could be removed from the servers. However, the database was exposed online for almost two weeks before the Internet Service Provider (ISP) revoked access to the database.

According to Diachenko, the hackers could have exploited a security hole in Facebook’s API. The researcher also said that there is likelihood that the data could have been stolen without using Facebook APIs. There is a possibility that hackers could have gathered this data from “publicly visible profile pages”.

In response to the data leak, Facebook said in a statement to the United States based media channels that it was looking into the matter. The company however believes that the leaked information would have been obtained before it made changes in the past few years to better protect people’s information.

Related Post

latest News

  • FCA does not protect whistleblowers from retaliation if they are no longer employees: US Appeals Court

    On November 6, dismissing a whistleblower lawsuit, the United States Court of Appeals for the Tenth Circuit ruled that the False Claims Act (FCA) does...

    Read More
  • Plea seeking review of order concerning homosexuals’ civil rights filed in Supreme Court

    A plea seeking review of an order dismissing civil rights such as same-sex marriage, adoption and surrogacy for the LGBTQ community has been filed in ...

    Read More
  • Cattle Slaughter Rules: Second Round Litigation in SC

    The Supreme Court Bench of Justices S.A. Bobde and B.R. Gavai has issued notice to the Central government in a challenge to the Prevention of Cruelty ...

    Read More