The personal information of 267 million Facebook users was available for sale on the dark web for 600 dollars. Indeed, after the researchers of a Cybersecurity company discovered a leak of 530,000 Zoom accounts for sale on the dark web a few days ago, the specialized site Bleeping Computer reports that 267 million Facebook accounts have also been hacked and their data available for sale on the dark web.
Data from 267 million Facebook users on sale for just $600
The personal data of these 267 million Facebook users was on sale for only 500 pounds, or around 600 dollars.
The personal information from social media accounts did not have passwords, and most came from U.S. accounts. However, a lot of information such as full names, identifiers, email addresses, dates of birth and even the telephone numbers of users were available in this data.
Information that is worth gold for hackers, especially for those who specialize in phishing. This allows them, for example, to extract personal data from users, by acting as an official body.
According to Bob Diachenko, the researcher responsible for this find, the group of hackers who put this data on the dark web for sale have found it through a Facebook’s programming interface (API). However, this is only a hypothesis by the researcher.
Finally, personal data, sold on the dark web, of hacked Facebook accounts were quickly bought by Cyble. It’s the company responsible for discovering the sale of Zoom accounts, in order to prevent hackers from having access to them.
Cyble researchers executed the sale and were able to download and verify the data. The impacted users will be able to verify this on Cyble’s data breach monitoring platform, AmIbreached.com shortly.
At this stage, Cybke researchers does not know how they do to leak the data. It might be due to a leakage in third-party API or scrapping. The data contain sensitive details on the users, it might be in use by cybercriminals for phishing and spamming.
Cyble recommends users to tighten their privacy settings on their Facebook profiles. And be cautious of unsolicited emails and text messages. We are currently indexing the data at our darkweb monitoring platform, and retail users can access it via AmIbreached.com