Personal data of half a billion people (that’s billion with a b) including names, phone numbers, emails, and more has been exposed online in a massive Facebook data breach. This data breach has exposed the personal information of more than 533 million people and the social network giant has responded by saying that it’s “old data”.
This trove of personal account data comes from a huge database that previously circulated privately, but has now become public on a hacking forum for free. The news was first reported by Business Insider, which revealed that this leaked data comes from people across 106 countries, including more than 32 million Americans, around 11 million people from the UK, and roughly 6 million Indians.
Business Insider even authenticated some of the leaked data by matching phone numbers with the IDs listed in the dataset.
This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.
— Liz Bourgeois (@Liz_Shepherd) April 3, 2021
On the other hand, Facebook claims that there is nothing to worry about as this data breach is part of a leak that was reported years ago. Facebook spokesperson Liz Bourgeois claims that the vulnerability that caused this data breach was discovered and fixed back in August 2019.
However, many users objected to Facebook trying to downplay the mass data breach by saying it’s already been fixed.
Was a data breach notification sent to all impacted users? Can't find any in my inbox and GDPR requires it (at least for your EU customers). It's not fun to find out 2 years later Facebook leaked to the public something I specifically configured as private.
— Giorgio Bonfiglio (@g_bonfiglio) April 3, 2021
The Chief Technology Officer at a cybersecurity firm Hudson Rock, Gal, said that this leaked data could easily be used by hackers to impersonate Facebook users for scamming schemes.
Facebook clearly has a lot to answer for and a simple “it’s been fixed” does not cut it.