Just a few days after exposing the sale of some 500,000 Zoom accounts for sale on the dark web, the research team at Cyble are back with another worrying tale of the vast array of information traded on furtive data markets. A “threat actor,” the team reported in a blog, “has dropped an online bomb by dropping the identities of 267 Million Facebook users.” And the price for this data trove—just $540.
Thankfully no passwords were available, but the data included email addresses, names, Facebook IDs, dates of birth and phone numbers. All of which is a perfect set of data with which to craft a text or email phishing campaign on behalf of Facebook. And if a small percentage of users click the link and enter their details into a spoofed Facebook login page, much more valuable data can be stolen.
The researchers bought and verified the information. The number 267 million will ring bells when it comes to Facebook data breaches. Late last year, that same number of mostly U.S. records was found online for sale. “We are looking into this,” Facebook said at the time, “but believe it is likely information obtained before changes we made in the past few years to better protect people’s information.”
Facebook is desperate to repair the reputational damage that started with the Cambridge Analytica scandal and lurched through various data protection, privacy and ad tracker scandals. This data is likely from a past breach and does not suggest current weaknesses with Facebook’s systems—the company was approached for any comments on this latest story or further detail on the user data involved.
Even though no passwords were breached here, users are well advised to change their passwords and to ensure that they have not reused a password on Facebook that they use elsewhere. With email addresses in hand, attackers can match those addresses against breaches which do include passwords and then try various sites. Password reuse is the single biggest enabler of account hijacks.
Facebook users—as with other sites—are also well advised to enable two-factor authentication. This ensures that any username and password breach will not enable an attacker to access your account, the use of such protection will prevent more than 99% of successful attacks on your accounts. The option is available under Settings—Security and Login.
Meanwhile, users can check whether their email addresses have been found in dark web data breaches on Cyble’s site here.
I can’t stress enough the importance of two-factor authentication when it comes to any web application that you may use. A few years ago I had a very costly identity theft situation to resolve. It took a lot of time and a lot of money to get everything corrected. Now, I don’t use any site that does not offer two-factor authentication. It’s a simple tool that goes a long way to keep your information safe and secure.
This is just the tip of the iceberg. Expect more. For just 5 bitcoins, you can have someone (on the dark web) hack into Facebook and sabotage the site for an hour. That’s enough to retrieve at least, a list full of usernames, and personal data. The hackers are now using sophisticated “tools” to get inside these sites. Including Twitter.
Ask yourself who the hackers are? My bet is that it’s the CCP. Suckerberg is in bed with the CHICOMs!
The Chinese aren’t the only ones who are big into hacking. There are scores of hackers all across Eastern Europe who engaged in the exact same behavior except they are motivated simply by profit. The motivations of the Chinese are far more nefarious.
Well I am not disagreeing with that, only applying logic to finding the most obvious suspect here. It’s well known that Facebook is in bed with the CHICOM’s especially at this specific time this latest news seems a little too coincidental for it not to be.
Hmmm…I wonder if any hackers tried to prevent Political Bullpen to be on Facebook? Or maybe, it was the CHICOM that was responsible?