Social media giant Facebook on April 6 said that the hackers “scraped” personal data of at least half-billion users in 2019 by taking the advantage of a feature that was designed to help people easily discover their friends using contact lists. Over the weekend, valuable information of over 530 million Facebook users was shared at a hacker forum which prompted Mark Zuckerberg-led company to explain the turn of events while also calling on people to remain vigilant about the privacy settings.
Facebook issued a statement on April 6 following a Business Insider report about the personal data of social media users being available in an unsecured database. Facebook product management director Mike Clark said in a post, “It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019.” He further noted that scraping is a “common tactic” which is usually carried out due to automated software.
“The methods used to obtain this data set were previously reported in 2019. This is another example of the ongoing, adversarial relationship technology companies have with fraudsters who intentionally break platform policies to scrape internet services, said Clark.
“As a result of the action we took, we are confident that the specific issue that allowed them to scrape this data in 2019 no longer exists. But since there’s still confusion about this data and what we’ve done, we wanted to provide more details here,” he added.
What kind of data was leaked?
The data scrapped in the 2019 hacking included phone numbers, birth dates, and email addresses along with some data that appeared to be current, stated in several US media reports. The stolen data, however, did not include any passwords or financial data, claimed Facebook. “All 533,000,000 Facebook records were just leaked for free,” Alon Gal, chief technology officer at the Hudson Rock cybercrime intelligence firm, said Saturday on Twitter while criticising Facebook’s “absolute negligence.”
“Bad actors will certainly use the information for social engineering, scamming, hacking and marketing,” Gal said on Twitter while Clark in the blog post urged the users of the social network to keep a tab of their privacy settings to control the outflow of information. Clark said, “While we addressed the issue identified in 2019, it’s always good for everyone to make sure that their settings align with what they want to be sharing publicly.”
Image credits: Unsplash/Pixabay