According to a security analyst, earlier today, the sensitive personal information of more than 5 billion Facebook users was leaked on a hacker forum with a huge transaction volume, which is a big deal for millions of cryptocurrency traders and traders. The potential risk is that they may now be vulnerable to SIM card swaps and other identities based on attacks.
A large amount of information was first discovered by Alon Gal, CTO of security company Hudson Rock, who posted information about the leak on Twitter earlier today:
All 533,000,000 Facebook records were leaked for free.
This means that if you have a Facebook account, it is very likely that the phone number used by that account will be leaked.
I have not seen Facebook admit that your data is absolutely faulty. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
—Aunder Gal (under the breakthrough) (@UnderTheBreach) April 3, 2021
Gal stated that the vulnerability is related to the security vulnerability first discovered in 2019. In January 2021, it was known that hackers could use this information to access the user’s phone number; therefore, the hacker could use this information to access the user’s phone number. Now, the vulnerability has been expanded to include “phone number, Facebook ID, full name, location, past location, birthday, (sometimes) email address, account creation date, relationship status, personal profile”.
Gal believes that this information can now enable hackers and scammers to deploy various social manipulation vulnerabilities and other malicious methods:
“Bad actors will definitely use this information for social engineering, fraud, hacking and marketing.”
Cryptocurrency users are particularly vulnerable to such attacks. Earlier this year, the victim of the SIM card swap attack sued the mobile phone company T-Mobile for $450,000. In 2018, Kaspersky Lab discovered that hackers were able to steal 21,000 Ethereum in 12 social engineering attacks. , Currently worth more than 43 million U.S. dollars. Month period.
The data breach was also several orders of magnitude larger than the Ledger leak at the end of last year. Soon after more than 270,000 user information was leaked online, users reported the threat of extortion and considered lawsuits against hardware wallet companies.