Previously-leaked details from more than 500 million Facebook users have reportedly been found on a website for hackers.
The data of some 533 million people from 106 countries was online on Saturday, according to Business Insider — including more than 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
Included is the data is users’ phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses, Business Insider said.
The data appears to be from 2019, according to a Facebook spokesperson.
The information was first discovered by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who told Business Insider that a data leak of that size would “certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts.”
He also called the data leak “a huge breach of trust” by Facebook and “should be handled accordingly,” although he added that there isn’t much Facebook can do other than notify users to remind them to stay vigilant from phishing scams.
“This is old data that was previously reported on in 2019,” a Facebook spokesperson said. “We found and fixed this issue in August 2019.”
The breach is a reminder of the vast amount of information social media sites, particularly Facebook, keep on their users, and how difficult it can be to keep it secure.
Facebook has been grappling with data security issues for years. In 2018, the social media giant disabled a feature that allowed users to search for one another via phone number following revelations that the political firm Cambridge Analytica had accessed information on up to 87 million Facebook users without their knowledge or consent.
In December 2019, a Ukrainian security researcher reported finding a database with the names, phone numbers and unique user IDs of more than 267 million Facebook users — nearly all U.S.-based — on the open internet. It is unclear if the current data dump is related to this database.