Personal information belonging to quite 267 million Facebook users has been exposed in an unsecured database on the dark web, it’s emerged.
The report warned that people identified in the database could be targeted by spam messages or phishing schemes. Although it’s not yet clear how the sensitive information was exposed, Diachenko traced the database back to Vietnam and speculated that it may have been compiled through an illegal process called ‘scraping’ – where automated bots copy public information from Facebook profiles – or stolen directly from Facebook’s developer API.
Access to the database has since been removed, however, the records appeared to have been available without a password to anyone without authentication for two weeks before it was uncovered. A downloadable link to the data had also been posted to a popular hacker forum. The security breach follows a huge leak in September during which quite 400 million user phone numbers were exposed -and then there was the main scandal in 2018. It was revealed that Cambridge Analytica had harvested the private data of many peoples’ Facebook profiles without their consent and used it for political advertising