Social media - Facebook users data
A leak exposed the data of 267 million Facebook users. According to Comparitech’s representatives, this was the result of a scraping operation carried out by cybercriminals. “One possibility is that the data was stolen from Facebook’s developer API before the company restricted access to phone numbers in 2018. Facebook’s API is used by app developers to add social context to their applications by accessing users’ profiles, friends list, groups, photos, and event data. Phone numbers were available to third-party developers prior to 2018,” explained Comparitech’s Paul Bischoff.
According to consultant Bob Diachenko, Facebook’s API could also have a security hole. Thus, criminals could access user IDs and phone numbers. This might have happened even after the company restricted the access. Another scenario is that hackers stole without using the Facebook API at all. Instead, hackers might have collected the data of Facebook users from publicly visible profile pages.
Researchers warn that such a large database of sensitive information could be very useful for bad guys in major spam, phishing and smishing campaigns. Smishing is the name of the phishing attacks that try to trick users into giving their private information via SMS or text messages.
While Facebook tries to make users trust more the social media network, these kind of events seem to have the opposite effect.
According to the researchers, data appeared online on the 12th of December, after it was first indexed eight days before. Diachenko discovered it on December 14. He notified the internet service provider managing the IP address. After five days, it became unavailable. It seems that the original leak of appeared because of a misconfigured Elasticsearch cluster. Elasticsearch is a distributed, open source search and analytics engine for all types of data.
Lately, unsecured databases create lots of problems for the users. In November, personal data of over one billion users harvested by data enrichment companies was found exposed. Then, in December, the same amount of email and password combinations were found the same way by Diachenko. It seems that hackers stole these or bought them.
BSOD or Blue Screen of Death errors, such as WHEA uncorrectable error, are common on…
VirusTotal is a free service by Google to analyze suspicious files, domains, URLs, and IP…
You are being tracked online! All of us are. Recall how many times you searched…
The best torrent sites have always been a popular way to seek free entertainment, niche…
Despite being discontinued, the Canon iP2770 is still a user favorite energy-efficient inkjet printer with…
Are errors such as “sync pending,” “file locked,” or “processing changes” disrupting your cloud storage…