533 million Facebook user records dumped online — what you need to know
Some 533 million Facebook user records are being offered up for free on an online hacking forum, multiple sources report.
The good news, if there can be any in this situation, is that the data is old and has been available to cybercriminals for at least two years. Facebook said in statements to The Record and Bleeping Computer that it was all data that had been scraped — copied from the Facebook website without Facebook’s permission — before a loophole was closed in 2019.
We’ve reported on this same stash of data, or parts of it, three times before.
The bad news is that the data contains full names, email addresses, mobile phone numbers and sometime birthdates, exactly the type of things that people tend not to change. Spammers and scammers could use the information to target people with personalized emails or text messages.
The data is pegged to phone numbers. Facebook used to have a feature where you could punch in a phone number, even a total stranger’s, and you’d get a link to any Facebook account associated with that number.
What could possibly go wrong? Pretty soon someone rigged up a computer to generate valid-format phone numbers, toss ’em at Facebook and harvest a list of the resulting accounts and all their publicly available details. (This might even be legal to do.)
At the end, you’d get a reverse-lookup phone book with hundreds of millions of entries. That’s what is now being offered up online.
What can I do about this?
If you have a Facebook account, it doesn’t mean your data is in this stash. The person who is offering this data claims to have already broken down into country-specific batches. The U.S. batch numbers about 32.3 million records, and the Canadian one about 3.5 million. That’s a lot of users, but they’re a small fraction of the estimated 258 million Americans and Canadians who are on Facebook.
Only people who gave Facebook their phone numbers would be included, and even then, you may not be in it.
Considering that the Facebook apps for Android and iPhone will try to grab your phone number and those of all your contacts as soon as you install the apps, Facebook probably has a whole lot more than 36 million North American phone numbers.
So what can you do about this? Not much that you’re not already doing, to be honest. Be wary of random emails, texts, instant messages and social-media posts that promise riches or rewards, or tell you that you need to take urgent action to avoid paying fines and fees you didn’t previously know about.
The best Windows 10 antivirus and best Mac antivirus software will screen out some scamming attempts on your computers; so will the best Android antivirus apps if you’re not on an iPhone. If you do use an iPhone, just keep your wits about when replying to emails, texts and messages.