The phone numbers shared publically by 267 millions of users of social media site Facebook were shared on a particular online forum where apparently Hackers are roaming.
The database shared on that online forum was for phone numbers of appropriately 267million users of Facebook. Users IDs were also discovered by a cybersecurity company named Comparitech which was working in partnership with the security researcher named Bob Diachenko.
Many of the Facebook users list their phone numbers publically but this makes this database to be easily accessible and is then used by the malicious people to use them in phishing and spam schemes.
This database might have also been created by the use of Facebook API which is a tool that allows the 3rd party developers to have access to the information of Facebook users to help them create Facebook apps. Still, the access to phone numbers of users was restricted by Facebook API back in 2018, so there is a possibility that the data might have been gathered before the new policy was implemented.
As per the cybersecurity firm and researcher, this massive operation of private information breaching was carried out by a malicious group working in Vietnam.
This database was not at all protected by any passwords and was thus available for a public user to open. Diachenko normally notifies the owners of the exposed databases to help them secure it. But in this particular case, the owners of this database were maintaining it in an illegal manner. So the security researchers instead of notifying the user informed the particular internet service provider that was managing the IP address for the server that had the database stored and thus was shut down on December 19th. Diachenko believes that this database might have been set to the public by a mistake.
Security researchers warn the Facebook users, who have set their phone numbers as public, to beware of any calls or text messages on their personal phone numbers as they could be used for campaigns like phishing or spamming.
There had been other incidents these years regarding information breach of Facebook. One such incident occurred back in September where the database for almost 400 million users for the IDs and their Pone Numbers was discovered.
The best safety measures as per Comparitech for the Facebook users is to set their private profile to Friends or Only Me in their privacy settings. They also recommend turning off the option that allows for the search engines to link with their Facebook Profile. This will add considerable help in preventing third parties to access a user’s private information. Otherwise, the only option to prevent it all together is to deactivate or delete the Facebook profile.