533 million Facebook users’ phone numbers leaked on hacker forum

The mobile phone numbers and other personal information for approximately 533 million Facebook users worldwide have been leaked on a popular hacker forum for free.

The stolen data first surfaced on a hacking community in June 2020 when a member began selling the Facebook data to other members. What made this leak stand out was that it contained member information that can be scraped from public profiles and private mobile numbers associated with the accounts.

The sold data included 533,313,128 Facebook users, with information such as a member’s mobile number, Facebook ID, name, gender, location, relationship status, occupation, date of birth, and email addresses.

From samples of the Facebook data seen, almost every user record contains a mobile phone number, a Facebook ID, a name, and the member’s gender.

Below is a small sample of USA records showing the redacted mobile numbers starting with New York’s 917 mobile area code.

According to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, it is believed that in 2019 threat actors exploited a now-patched vulnerability in Facebook’s “Add Friend” feature that allowed them to gain access to members’ phone numbers.

It is unknown if this alleged vulnerability allowed the threat actor to retrieve all of the information in the leaked data or just the phone number, which was then combined with information scraped from public profiles.

After the initial sale of the data, which is believed to be for $30,000, another threat actor created a private Telegram bot that allowed other threat actors to pay to search through the Facebook data. 

Facebook data leak released for free

Today, this Facebook data leak has been released for free on the same hacker forum for eight site ‘credits,’ a form of currency on the hacker forum, equal to approximately $2.19.

While data breaches are initially sold in private sales for a high price, it is common for them to be sold for lower and lower prices until they are eventually released for free as a way of earning reputation within the hacker community.

“As is the case every time, people began to sell for cheaper and cheaper until it leaked for free,” Gal said in a conversation.

Included in the data leak are the phone numbers for three of Facebook’s founders – Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz, who are the 4th, 5th, and 6th members first registered on Facebook.

In response to our queries regarding the data leak, Facebook said that this is the same data that was harvested in 2019.

“This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019,” a Facebook spokesperson said.

While the data may be from 2019, it is common for phone numbers and email addresses to remain the same over a period of many years, making this valuable to threat actors.

The top 20 geographic locations where members were exposed, as described by the threat actor, are listed below. These locations are likely what was entered by the Facebook member in their profile.

A full list of locations and associated member counts can be found at the end of the article.

| Location | Number of users |
| --- | --- |
| Egypt | 44,823,547 |
| Tunisia | 39,526,412 |
| Italy | 35,677,323 |
| USA | 32,315,282 |
| Saudi Arabia | 28,804,686 |
| France | 19,848,559 |
| Turkey | 19,638,821 |
| Morocco | 18,939,198 |
| Colombia | 17,957,908 |
| Iraq | 17,116,398 |
| Africa | 14,323,766 |
| Mexico | 13,330,561 |
| Malaysia | 11,675,894 |
| United Kingdom | 11,522,328 |
| Algeria | 11,505,898 |
| Spain | 10,894,206 |
| Russia | 9,996,405 |
| Sudan | 9,464,772 |
| Nigeria | 9,000,131 |
| Peru | 8,075,317 |

Data can be used to conduct attacks

This release has been met with enthusiasm by other threat actors on the hacker forum as they can use it to conduct attacks on the people listed in the data leak. 

For example, threat actors can use email addresses for phishing attacks and mobile numbers for smishing (mobile text phishing) attacks. 

Threat actors can also use mobile numbers and leaked info to perform SIM swap attacks to steal multi-factor authentication codes sent via SMS.

It is advised that all Facebook users be wary of strange emails or texts requesting further information or telling you to click on enclosed links.

A full list of geographic locations, as shared by the threat actor, and the number of exposed users per location can be seen below.

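| Rank | Profile Location | Exposed Users | Rank | Profile Location | Exposed Users |
| --- | --- | --- | --- | --- | --- |
| 1 | Egypt | 44,823,547 | 55 | Bahrain | 1,450,124 |
| 2 | Tunisia | 39,526,412 | 56 | Ireland | 1,449,919 |
| 3 | Italy | 35,677,323 | 57 | Finland | 1,381,569 |
| 4 | USA | 32,315,282 | 58 | Czech Republic | 1,375,988 |
| 5 | Saudi Arabia | 28,804,686 | 59 | Austria | 1,249,388 |
| 6 | France | 19,848,559 | 60 | Sweden | 1,092,140 |
| 7 | Turkey | 19,638,821 | 61 | Ghana | 1,027,969 |
| 8 | Morocco | 18,939,198 | 62 | Philippine | 879,699 |
| 9 | Colombia | 17,957,908 | 63 | Mauritius | 848,558 |
| 10 | Iraq | 17,116,398 | 64 | Taiwan | 734,807 |
| 11 | Africa | 14,323,766 | 65 | China | 670,334 |
| 12 | Mexico | 13,330,561 | 66 | Croatia | 659,115 |
| 13 | Malaysia | 11,675,894 | 67 | Denmark | 639,841 |
| 14 | United Kingdom | 11,522,328 | 68 | Greece | 617,722 |
| 15 | Algeria | 11,505,898 | 69 | Afghanistan | 558,393 |
| 16 | Spain | 10,894,206 | 70 | Albania | 506,602 |
| 17 | Russia | 9,996,405 | 71 | Norway | 475,809 |
| 18 | Sudan | 9,464,772 | 72 | Bulgaria | 432,473 |
| 19 | Nigeria | 9,000,131 | 73 | Japan | 428,625 |
| 20 | Peru | 8,075,317 | 74 | Macao | 414,228 |
| 21 | Brazil | 8,064,916 | 75 | Namibia | 409,356 |
| 22 | Australia | 7,320,478 | 76 | Jamaica | 385,890 |
| 23 | United Arab Emirates | 6,978,927 | 77 | Hungary | 377,045 |
| 24 | Syria | 6,939,528 | 78 | Ecuador | 310,259 |
| 25 | Chile | 6,889,083 | 79 | Iran | 301,723 |
| 26 | India | 6,162,450 | 80 | Botswana | 240,606 |
| 27 | Germany | 6,054,423 | 81 | Slovenia | 229,039 |
| 28 | Netherlands | 5,430,388 | 82 | Lithuania | 220,160 |
| 29 | Oman | 5,048,532 | 83 | Brunei | 213,795 |
| 30 | Yemen | 4,617,359 | 84 | Luxembourg | 188,201 |
| 31 | Kuwait | 4,468,134 | 85 | Serbia | 162,898 |
| 32 | Libya | 4,204,514 | 86 | Cyprus | 152,321 |
| 33 | Israel | 3,956,428 | 87 | Puerto Rico | 130,586 |
| 34 | Bangladesh | 3,816,339 | 88 | Indonesia | 130,331 |
| 35 | Canada | 3,494,385 | 89 | South Korea | 121,744 |
| 36 | Palestine | 3,367,576 | 90 | Malta | 115,366 |
| 37 | Kazakhstan | 3,214,990 | 91 | Azerbaijan | 99,472 |
| 38 | Belgium | 3,183,584 | 92 | Georgia | 95,193 |
| 39 | Jordan | 3,105,988 | 93 | Estonia | 87,533 |
| 40 | Singapore | 3,073,009 | 94 | Maldives | 86,337 |
| 41 | Bolivia | 2,959,209 | 95 | Angola | 50,889 |
| 42 | Hong Kong | 2,937,841 | 96 | Moldova | 46,237 |
| 43 | Poland | 2,669,381 | 97 | Iceland | 31,343 |
| 44 | Qatar | 2,526,694 | 98 | Turkmenistan | 16,279 |
| 45 | Argentina | 2,347,553 | 99 | Honduras | 16,142 |
| 46 | Portugal | 2,277,361 | 100 | Burundi | 15,709 |
| 47 | Cameroon | 1,997,658 | 101 | Haiti | 15,407 |
| 48 | Lebanon | 1,829,661 | 102 | Djibouti | 14,327 |
| 49 | Guatemala | 1,645,068 | 103 | Ethiopia | 12,753 |
| 50 | Tunisia | 1,595,346 | 104 | Burkina Faso | 6,413 |
| 51 | Switzerland | 1,592,039 | 105 | Fiji | 5,364 |
| 52 | Uruguay | 1,509,317 | 106 | El Salvador | 4,779 |
| 53 | Panama | 1,502,310 | 107 | Cambodia | 2,838 |
| 54 | Costa Rica | 1,464,002 | | | |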

NOTE: This article is copyright of bleepingcomputer.com and we are using it for educational or informational purposes only.
