UPDATED 21:47 EDT / APRIL 04 2021

SECURITY

533M Facebook user records offered on a hacking forum

A database containing details of 533 million Facebook users is being offered on a hacking forum.

First spotted April 3 by Alon Gal, chief technology officer of Hudson Rock Ltd., the data was posted by a user called TomLiner on Raid Forums and is claimed to include user names, mobile phone numbers, gender, occupation, city, country, marital status and and in some cases email addresses.

The validity of the data has been confirmed by various sites, including Insider. Bleeping Computer noted that the database includes records and phone numbers for three of Facebook’s founders: Mark Zuckerberg, Chris Hughes and Dustin Moskovitz.

The data offered is not new and dates back to at least 2019. Facebook said in a statement to Reuters that the data was “very old” and related to an issue that it had fixed in August 2019. The data itself appears to have been scraped from Facebook rather than the company being hacked.

This is also not the first time this Facebook data has appeared online. The same database was first offered for sale in May last year, with access to the database being offered via a Telegram bot in January. This specific database appears to be different from a database of 267 million Facebook users that appears online in December 2019.

Some reports claim that the database is now being offered for free, but it’s not quite that clear-cut. To gain access to the database, Raid Forum users must pay eight credits, a form of currency on the forum valued at $2.19. That said, five pages into the same thread another forum user provided direct links to some of the data for free.

Raid Forums regularly appears in the news since it has become a favorite dumping ground for the infamous hacking group ShinyHunters. Recent Raid Forum dumps from ShinyHunters include 1.9 million user records from photo editing service Pixlr and 2.28 million user records from dating site MeetMindful.

Even if the Facebook user data in the database isn’t new, it can certainly be useful for hackers looking to conduct attacks. It can be used for phishing and spam campaigns, including the use of SMS messages.

Image: Raid Forums

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU