A security researcher is claiming more than 267 million Facebook users have had some of their private data exposed online.
The report first appeared on technology comparison website Comparitech after Bob Dianchenko discovered the leak. Users’ names, user IDs and phone numbers were exposed, which can together be used to execute phishing scams.
Most of the people affected by the hack appear to be from the United States.
All of the information was stored on a database which was publicly accessible without a password for almost two weeks.
Diachenko first came across the trove on 14th December, ten days after it was created. As of 19th December the data is no longer available.
He believes the hack could have been carried out as part of an illegal scraping operation. Because of the potential criminal implications, the team at Comparitech immediately alerted the relevant ISP rather than going to Facebook.
Engadget reached out to Facebook for comment and a spokesperson replied by saying: “We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people’s information.”
In September, almost half a billion users had their phone numbers exposed in a leak which reportedly included several high-profile celebrities.
Tinder had to assure singles that none of their dating information was accessed during a Facebook breach last year.
Read more here.