Connect with us


419 million Facebook Phone numbers and IDs Exposed via unsecured Server: Report



419 million Facebook Phone numbers and Ids Exposed vi unsecured Server: Report

A massive database hundreds of millions of Facebook user IDs and Phone number has been found online. The database was found on an unsecured server, It was not password-protected and available for anyone to access.

The exposed server reportedly contained more than 419 million records over several databases on users across geographies. Including 133 million records on US-based Facebook users alone. Another 18 million records of users in the Uk and over 50 million records of users in Vietnam.

TechCrunch reported the database contains over 418 million records comprising Facebook IDs and associate phone numbers. The records also contain additional information such as the gender and location of the user.

A Facebook server containing a database that, in total, detailed the phone numbers of 419 million users, linked to their Facebook account IDs, was found to be unprotected by any password. The report highlighted that the information contained in the database were legitimate and verified. TechCrunch also checked these records by mathcing phone numbers against Facebook’s own password reset feature.

Also Read: Truecaller crosses 1 million paying subscribers globally

It’s not clear exactly how long the database has been up and it may have been accessed by malicious groups the world over. The data base is very old, Facebook’s inability to contain and secure the data it harvests is almost comically absurd at this point. There is no information on the owner of the database and on how it was generated.

The exposed server and the database were found by Sanyam Jain, a security researcher and member of the GDI foundation. Facebook’s spokesperson Jay Nancarrow said the data had been scraped before the company cut off access to the user phone number.

The data set has been taken down and we have seen no evidence that facebook accounts were compromised, the spokesperson told TechCrunch.

It remains unknown who exactly scraped the data, when it was scrapped and why the information was scraped. The spokesperson also confirmed that the database had been closed down.

There is no evidence that any Facebook accounts were compromised as a result. The account compromises could come later if any threat actors had access to the database before they were removed, Forbes reported.

Source: BGR India

I am a Software developer, and i love working with WordPress and dig into WordPress, explore what’s possible and share his knowledge with readers.