Facebook said Tuesday that hackers “scraped” personal data of some half-billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists.
A trove of information about more than 530 million Facebook users was shared over the weekend at a hacker forum, prompting the leading social network to explain what happened and call on people to be vigilant about privacy settings.
“It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019,” Facebook product management director Mike Clark said in a post.
“This is another example of the ongoing, adversarial relationship technology companies have with fraudsters who intentionally break platform policies to scrape internet services.”
The data included phone numbers, birth dates, and email addresses, and some of the data appeared to be current, according to US media reports.
The stolen data did not include passwords or financial data, according to Facebook.
Scraping is a tactic that involves using automated software to gather up information shared publicly online.
“All 533,000,000 Facebook records were just leaked for free,” Alon Gal, chief technology officer at the Hudson Rock cybercrime intelligence firm, said Saturday on Twitter.
He denounced what he called the “absolute negligence” of Facebook.
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” Gal said on Twitter.
Clark urged members of the social network to check their privacy settings to control what information can be seen publicly, and to tighten account security with two-factor authentication.
This is not the first time leaks or use of data from the world’s largest social network — with nearly two billion users — has embroiled Facebook in controversy.
In 2016, a scandal around Cambridge Analytica, a British consulting firm that used the personal data of millions of Facebook users to target political ads, cast a shadow over the social network and its handling of private information.
More from AFP
- ‘Grim’ Criminal Abuse of ChatGPT is Coming, Europol Warns
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Spain Needs More Transparency Over Pegasus: EU Lawmakers
- Huawei Has Replaced Thousands of US-Banned Parts With Chinese Versions: Founder
- Poland Breaks up Russian Spy Ring
- Facebook ‘Unlawfully’ Used Dutch Personal Data: Court
- White House Cybersecurity Strategy Stresses Software Safety
- Internet Access, Privacy ‘Essential for Freedom’: Proton Chief
Latest News
- Musk, Scientists Call for Halt to AI Race Sparked by ChatGPT
- Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App
- LeapXpert Banks $22M Funding to Secure Corporate Messaging With Consumer Apps
- Blockchain Security Firm True I/O Raises $9 Million
- Spera Banks $10 Million to Tackle Identity and Access Sprawl
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
- OpenSSL 1.1.1 Nears End of Life: Security Updates Only Until September 2023
- New Wi-Fi Attack Allows Traffic Interception, Security Bypass
