Keep in touch with Rebel News in case something like this happens again. Click here to provide us with your email so we can send you stories on subjects that you are interested in.
Facebook, as well as associated platforms Instagram and WhatsApp, is down, and the company has not revealed any reason for the outage. The social media platforms became inaccessible shortly after details of a massive breach went public on security forums.
More than 1.5 billion Facebook users may have had their information breached by hackers on Monday after a data dump containing their personal information was advertised for sale on a hacking forum, potentially enabling cybercriminals and spam mailers to target Facebook users worldwide.
The dump would constitute the biggest and most significant breach of Facebook since an earlier 2021 data dump that affected 500 million users.
Privacy Affairs, a security news website, reports that data scrapers are selling sensitive personal data on 1.5 billion Facebook users. Including user’s names, emails, phone numbers, locations, gender identification, and user ID. According to the website, the “data appears to be authentic.” Privacy Affairs clarified that the data breach “is completely unrelated to the global Facebook outage.”
According to Privacy Affairs, a user of a known hacker forum announced that he claimed to possess the personal data of more than 1.5 billion Facebook users in late September. The user advertised the data for sale on the platform and is seeking potential buyers for the entirety of the dump, or in smaller quantities.
“One prospective buyer claims to have been quoted $5,000 for the data of one million Facebook user accounts,” Privacy Affairs reported, adding that the user who is selling the hack presented samples of the data that appeared to be authentic.
Cross-checking them with known Facebook database leaks resulted in no matches, implying that at first glance, the sample data provided is unique and not a duplicate or re-sell of a previously known data breach or scraping.
The seller claims to represent a group of web scrapers in operation for at least four years, alleging that they’ve had over 18,000 clients during this time.
The hacker claims to have obtained the data by scraping Facebook rather than hacking or compromising individual users’ accounts. Scraping is a method by which data can be obtained and harvested through public channels and organized into a database.
While users did not have their personal accounts breached, the information compiled nonetheless constitutes a security threat to the 1.5 billion affected users.
It is unclear if the privacy breach is related to the outage that Facebook and its related applications are currently experiencing.
Reuters reports that the disruption hit Facebook’s platforms a day after a whistleblower accused the firm of prioritizing profit instead of censoring hate speech and misinformation related to the pandemic.
Facebook was inaccessible because users were not being directed to the correct place by the Domain Name System. Facebook itself controls the relevant settings.
Security experts tracking the situation said the outage likely was triggered by a configuration error that left directions to Facebook servers unavailable. That could be the result of an internal mistake, though sabotage by an insider would be theoretically possible.
An outside hack was viewed as less likely. A massive denial-of-service attack that could overwhelm one of the world's most popular sites, on the other hand, would require either coordination among powerful criminal groups or a very innovative technique.
Facebook acknowledged users were having trouble accessing its apps but did not provide any specifics about the nature of the problem or how many were affected by the outage.