A database containing more than 267 million user IDs and matching phone numbers has been discovered on the internet. The leaked dataset was found by security researcher Bob Diachenko, in partnership with Comparitech. Evidence suggests it was collected through an illegal scraping process or Facebook API abuse by criminals in Vietnam.

Reports indicate that this presents a treasure trove of data for telemarketers and spam purveyors because the data looks legitimate and comes from the social network itself, not from an untrusted source. (In some cases, leaked data that is old and outdated doesn’t help would-be scammers because the names and numbers are incorrect.)

Most of the Facebook users that were affected by this leak are located in the U.S., and the data included people’s Facebook IDs, phone numbers, and their full names. 

Diachenko told Comparitech that the leaked data was most likely a result of illegal scraping or a hole in Facebook’s API. Scraping is against Facebook’s policies but can be easily done, especially if users have public profile settings. 

Because of this, Facebook users are advised to set their privacy settings to “Friends” and set the “Do you want search engines outside of Facebook to link to your profile?” setting to “No.” Diachenko also said to be wary of suspicious, unsolicited text messages. 

READ
Canon Publicly Acknowledge August Ransomware Attack