Data theft / Security hole / Uncategorized

Data leak on Facebook: 419 million public phone numbers!

Data leak on Facebook: 419 million public phone numbers!

One data leak on Facebook follows the next – it won’t be quiet around the social network group. Now 419 million phone numbers of accounts have been published. The unencrypted data is linked to the Facebook ID and can thus be clearly assigned.

Data leak on Facebook partially reveals clear names, gender, and nationality.

The group promises a lot and actually changes a lot – but it doesn’t seem to benefit much. After the Graph Search has already been switched off in the past, which has now prevented anonymous searches by everyone, a database now appears containing around 419 million telephone numbers of Facebook accounts.

But it goes beyond phone numbers. For some accounts, the data records also contain additional, personal information such as the clear name, gender and, in some cases, nationality. Who collected and stored the data and for what purpose? So far unknown. In any case, the database is no longer available.

Facebook confirms data theft with telephone numbers.

At that time it was possible to find users on Facebook by entering their telephone number. There were attack possibilities – in which one tried out numerous telephone numbers, and found the suitable accounts over it.

The data theft of information which does not contain the password is nevertheless to be rated as critical. Extensive personal information makes it possible to take over identities. One example is SIM swapping.

What are the consequences of the data leak on Facebook?

In the end there will be another penalty for Facebook. But more important for users is the information that their own data has been stolen. In order to prevent fraud, common information should be updated. For this reason, it makes sense, for example, not always to fill out mandatory fields truthfully.

Write down security questions and do not answer them with real data. If you need the answers one day, you should have them ready. Here a password safe is suitable – or a physical safe at home. Of course, you should also regularly think about whether you still use the social networks to the same extent. If not, it is also worth deleting your account. We have already written about numerous problems in our blog. These include, for example, the articles:

We have created a help function to make this easier when needed. Under cyberpflege everyone can see how easy or difficult, or even impossible, it is to unsubscribe from certain websites.

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.