267 Million Facebook User Records for Sale on Dark Web
A cache of Facebook user data was found for sale on the dark web. The Facebook dark web data includes names, emails, phone numbers, and other personal information. Cyber security researchers at Cyble found the database of 267 million Facebook user records and bought them. The data was sold for a mere £500. It is unknown how the data was obtained – through profile scraping or an API interface.
Individuals can check to see if their Facebook user ID or email is for sale on https://amibreached.com/ Even though no passwords were found in the database, anyone who is part of this cyber security incident should change their Facebook password straight away. In this type of incident, people often think they are safe since no money or payment information was stolen. The reality is, the dark web data – especially email, name, and phone number – can be used to send spear phishing email and scam SMS text messages. The messages can be seen as believable since they will contain personal information such as your name, age, and phone number. These types of personalized scams can lead directly to compromised bank accounts, stolen credit cards, financial losses, and identity theft.
Facebook Dark Web Data Includes
- Facebook ID
- First name
- Last name
- Phone Number
- Last connection
Facebook is notorious for relentlessly collecting information about its users and even non-users across all of their activities in on the internet. The company makes money by selling aggregate user data from its properties Instagram, Facebook, Messenger, and WhatsApp to advertisers. Facebook is infamous for the Cambridge Analytica scandal in which the data of 50 Million Facebook users was collected through online personality tests. Cambridge Analytica sold the data – and the user profiles they built from that data – to several political groups.
Cyble is a cyber security firm located in Singapore. They monitor the dark web for stolen user credentials, email addresses, usernames, and passwords. Cyble researchers bought the data and verified the contents. According to Cyble the dark web marketplace where this data was bought also contains breached other data treasure troves from companies like Zynga, Facebook, Houzz, StockX and many others.
In case you were wondering, 267 million Facebook profiles only costs £500 (about $620 USD)
The owner of the server hosting the data took the data sale down after being contacted by cyber security researchers. However, it reappeared online with another bonus 42 million user records. Of this new cache of Facebook user profiles, 14.8 million records contained additional information.
Additional Stolen Data Includes
- Email addresses
Neither cache of Facebook data does not include passwords. Which is a good thing since many people use the same password over and over across multiple online accounts. However, the sold Facebook dark web information can still be used for identity theft, phishing emails, and other online scams.
How Do Hackers Make Money
Well, the hackers who posted the database of Facebook data made money by selling it. They may have sold the same data many times over, leaving all of those people vulnerable to phishing emails, online scams, and identity theft.
- Spear Phishing Campaigns – Hackers send targeted emails to people using the email address attached to a Facebook profile. They may try to trick the user into “resetting their password” and then stealing it
- Stealing Facebook Passwords – Since people often use the same password for multiple accounts, stealing your Facebook password can lead to successful hacks into bank accounts or any other account that users the same email address
- Phishing emails – With just your email address, hackers can send phishing emails to scam more sanative information from you – like bank account numbers, credit card numbers, and passwords
- Spam emails – The email addresses of 267 million Facebook users were for sale on the dark web – it is easy to start spamming them with online scams
- SMS Spam Texts – Phone numbers were part of this Facebook dark web data sale – Read our guide on SMS Phishing scams and report these spammers to your wireless carrier