Security News
In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free-which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country, marital status broken, account creation date, and other profile details broken down by country, with over 32 million records belonging to users in the U.S., 11 million users the U.K., and six million users in India, among others.
The publicly released Facebook user data is believed to be part of a 2019 "Add Friend" Facebook security bug exploited by hackers at the time. The types of data include Facebook user mobile phone numbers, their Facebook ID, name and gender information.
Reams of personal data - including phone numbers, email addresses, and birthdays - obtained from 533 million Facebook accounts was offered to all for free on a cyber-crime forum over the weekend. The information - which also includes people's names, marital status, occupation, and location - was siphoned from Facebook in 2019 via a security weakness in the platform.
Reams of personal data - including phone numbers, email addresses, and birthdays - obtained from 533 million Facebook accounts was offered to all for free on a cyber-crime forum over the weekend. The information - which also includes people's names, marital status, occupation, and location - was siphoned from Facebook in 2019 via a security weakness in the platform.
Data breach notification service Have I Been Pwned can now be used to check if your personal information was exposed in yesterday's Facebook data leak that contains the phone numbers and information for over 500 million users. Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member's data was exposed in the leak.
The mobile phone numbers and other personal information for approximately 533 million Facebook users worldwide has been leaked on a popular hacker forum for free. The sold data included 533,313,128 Facebook users, with information such as a member's mobile number, Facebook ID, name, gender, location, relationship status, occupation, and email addresses.
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada and other countries," Facebook's Head of Cyber Espionage Investigations, Mike Dvilyanski, and Head of Security Policy, Nathaniel Gleicher, said.
A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. Formerly known as Official Facebook Pixel, the Facebook for WordPress plugin is used on more than 500,000 sites, allowing administrators to capture actions that visitors take when interacting with the page.
Facebook has taken on a group of hackers in China that target the Uyghur ethnic group with cyberespionage activity. The hacking group, known as Earth Empusa or Evil Eye, was targeting activists, dissidents and journalists involved in the Uyghur community, primarily those living abroad in Australia, Canada, Kazakhstan, Syria, Turkey and the United States, among other countries, by using fake Facebook accounts for fictitious people sympathetic to the Uyghur community.
Backblaze has removed Facebook tracking code accidentally added to web UI pages only accessible to logged-in customers. Backblaze discovered the issue after receiving user reports on March 21 that pages on the B2 web UI were sending file names and sizes to Facebook.