Facebook has been the subject of yet another high-profile data scandal, after more than half a billion users had their private information leaked earlier this month.
It’s believed that 533 million profiles were compromised, with the associated phone numbers, email addresses and physical addresses being circulated on popular hacking forums.
The social media giant didn’t inform its users of the leak because the database of exposed information was curated from a vulnerability in 2019. Therefore, it considered the information to be ‘old’ and not valuable.
However, VICE reporter Karl Bode noted that people don’t tend to change their phone numbers and email addresses very often, so they’re still likely to be active.
Alon Gal, CTO of cybercrime intelligence company Hudson Rock, first discovered the database in January and then broke the news of the leak last week.
Gal told Business Insider: “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts.
“Individuals signing up to a reputable company like Facebook are trusting them with their data, and Facebook [is] supposed to treat the data with utmost respect. Users having their personal information leaked is a huge breach of trust and should be handled accordingly.”
Facebook got in trouble with the FTC in 2019 after it was found to be collecting users phone numbers under the pretence that they would only be used as a verification device. In actual fact, the numbers were being shared with third-party companies to curate targeted adverts.
Read more here.