Check Facebook for "data related to security vulnerabilities modified in 2019"
Post similar data on personal information sales site in January
(San Francisco= Yonhap News Agency) Correspondent Jung Sung-ho = Personal information such as phone numbers of about 500 million Facebook users of the world's largest social media has been leaked.
Business Insider and Reuters reported on the 3rd (local time) that the personal information of 533 million Facebook users was virtually released for free on a well-known online bulletin board of hacking.
This personal information belongs to Facebook users in 106 countries around the world, including phone numbers, Facebook IDs, names, residences, birthdays, histories, email addresses, and gender.
Business Insider reported that some of the leaked personal information was verified by matching the phone number of a Facebook user.
Alan Gall, co-founder and chief technology officer of Israel's cybercrime intelligence firm Hudson Rock, said the database appears to be the same as Facebook-related phone numbers that have been circulating among hackers since January this year.
Facebook said in a statement that the data was "very old" and related to a security vulnerability that was modified in August 2019.
According to a screenshot of a personal information sales site released by Gal CTO on January 14 this year, personal information such as 44 million Egyptian users, 40 million Tunisia, 35 million Italy, 32 million U.S., 28 million Saudi Arabia, and 20 million France were leaked.
It was posted on the site that it sold personal information of about 121,000 Korean Facebook users at that time.
Gal CTO warned that even years-old data could be useful for cybercriminals who pretend to be someone else or steal login information using personal information.
Gal CTO said, "A database of this size containing private information such as the phone number of many Facebook users will definitely be used by bad people to make social engineering attacks or hacking attempts."
Socio-engineered attacks refer to hacking techniques using the vulnerability of the person running the system, not the security vulnerability of the system.
He said there is not much Facebook can do in terms of security as the information has already been leaked, but said Facebook can only notify users to be careful not to be subjected to potential phishing or fraud.
It is not the first time Facebook has leaked user personal information. In 2016, ahead of the U.S. presidential election, British political consulting firm Cambridge Analytica collected data of 80 million Facebook users for political advertisements, which was belatedly revealed, causing a big controversy.