Security News

Facebook wants you to believe that the scraping of 533 million people's personal data from its platform, and the dumping of that data online by nefarious people, is something to be "Normalised." A blundering Facebook public relations operative managed to send a journalist a copy an internal document detailing the antisocial network's strategy for containing the leaking of 533 million accounts - and what the memo contained was infuriating though unsurprising.

A large BGP routing leak that occurred last night disrupted the connectivity for thousands of major networks and websites around the world. Although the BGP routing leak occurred in Vodafone's autonomous network based in India, it has impacted U.S. companies, including Google, according to sources.

PHP maintainer Nikita Popov has posted an update concerning how the source code was compromised and malicious code inserted - blaming a user database leak rather than a problem with the server itself. The PHP code repository was compromised late last month with the insertion of code that, if left in place, would have enabled a backdoor into any web server running it.

From the Facebook data samples seen by BleepingComputer, almost every user record had a mobile phone number, a Facebook ID, a name, and the member's gender associated with it. Facebook has shed some light on the recent data leak comprising 533 million Facebook user profiles, data from which was posted on a hacker forum last week.

Facebook said Tuesday that hackers "Scraped" personal data of some half-billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists. A trove of information about more than 530 million Facebook users was shared over the weekend at a hacker forum, prompting the leading social network to explain what happened and call on people to be vigilant about privacy settings.

Ireland's Data Protection Commission is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users. "Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality," the DPC said.

Reams of personal data - including phone numbers, email addresses, and birthdays - obtained from 533 million Facebook accounts was offered to all for free on a cyber-crime forum over the weekend. The information - which also includes people's names, marital status, occupation, and location - was siphoned from Facebook in 2019 via a security weakness in the platform.

Data breach notification service Have I Been Pwned can now be used to check if your personal information was exposed in yesterday's Facebook data leak that contains the phone numbers and information for over 500 million users. Troy Hunt has added the leaked data to his Have I Been Pwned data breach notification service to help users determine if a Facebook member's data was exposed in the leak.

Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore, and the University of California was leaked online by the Clop ransomware group. Data stolen in the attack targeting Stanford Medicine's Accellion server includes names, addresses, email addresses, Social Security numbers, and financial information, reported the Stanford Daily.

Wi-Fi kit-slinger Ubiquiti has suggested the attacker that accessed some of its cloud-hosted systems in January 2021 may have made off with source code and employee logins, not the customer data it initially warned could be in peril. Ubiquiti has not said when the external experts decided customer data was untouched.