Multiple Faces Detected
April 6th, 2021
On Saturday, April 3, 2021, millions of people had their information stolen from their Facebook profiles as they suffered a data breach. A user on a low-level hacking forum leaked information from millions of users, exposing their phone numbers and other personal data. While major websites need to notify us of any potential data breaches, their public announcement could be buried under hundreds of other emails we might have. This is why it’s important to learn about the recent Facebook data breach and how we could make sure our information wasn’t leaked.
Who Did the Facebook Data Breach Affect?
The Facebook data breach affected 533 million users from 106 countries all across the world. There were over 32 million records from the United States, 11 million records from the United Kingdom, and 6 million records from India that were leaked. The information leaked included birthdays, phone numbers, Facebook IDs, full names, locations, bios, and email addresses. Scammers can use this information to commit identity fraud and build fake profiles.
An insider confirmed that the data of millions of these profiles were actually leaked. They matched known phone numbers of Facebook profiles to their Facebook IDs to confirm that their phone numbers were actually leaked. They also typed in emails of Facebook users into the “Forgot Password” slot to make sure that their phone numbers matched their emails. When you type in an email and click “Forgot Password,” it will show part of that user’s phone number, which matched the phone numbers that were on the list.
How Did This Data Breach Happen?
A Facebook spokesperson confirmed that there was a vulnerability in Facebook’s security system that was patched up in August 2019. Before the vulnerability was patched up, there was a data breach back in June of 2013 that affected 6 million users due to a bug that had exposed information to unauthorized users.
Then, Cambridge Analytica stole phone numbers from 80 million users in order to target voters with their political ad campaign back in 2016.  After this, there were two data breaches back in 2018 that affected 64 million users and five data breaches in 2019 that affected billions of users.
Then a few years later in January 2021, a user in a low-level hacking forum obtained a list of past leaked information that was exposed due to this vulnerability. This user posted an advertisement in the forum that there was an automated bot that could provide phone numbers for hundreds of Facebook users. All they needed to do was pay the hacker money for this bot.
Then on April 3, 2021, this data was released on a low-level hacking forum by a Facebook user so that users didn’t have to pay for this information. Even though this data is just a few years old, it is still valuable to hackers and scammers who want to commit identity fraud, steal Facebook profiles, and create fake profiles based on other people’s information. Now that this data is free, scammers and hackers are more likely to use this information for their crimes, leaving millions of users at risk.
How Do I Know if I Have Been a Victim of a Data Breach?
At Social Catfish, you can reverse search any email address to see if it has been affected by any data breaches. All you need to do is reverse search the email address that you think was leaked in a data breach, and our reverse search platform will show you where your information was leaked. You can also reverse search any name, email address, phone number, social media username, or image of the person you suspect leaked your information in a data breach. If your information was used in a scam, make sure to contact the FTC and report the scam.
