Facebook has been the subject of controversy of late for its poor handling of the privacy of its users. Now, it is back in the headlines after cybersecurity experts revealed a huge collection of personal data from the social media platform was leaked online. Over 267 million accounts are reportedly compromised. So far, it seems that the majority of people affected by this incident are residents of the US. This development is alarming given the company's involvement in the Cambridge Analytica scandal early last year.
Around 267,140,436 records were collected into a comprehensive database made available online. Moreover, it was allegedly available for anyone to access given that there were no security measures in place. Business Insider indicates this incident was discovered by data-security researcher Bob Diachenko and Comparitech. The latter appears to be a consumer advocacy website dealing with tech.
The archive includes phone numbers, names, Facebook IDs and initially surfaced on December 4. After a week, it made its way to several forums, where hackers were believed to have distributed the information among themselves. Shortly after its discovery, Diachenko reported what he suspected might be a criminal activity to appropriate channels. Upon checking, it is no longer accessible as of this moment.
However, it is probable that copies of the catalogue are now in the hands of cybercriminals. "We are looking into this issue but believe this is likely information obtained before changes were made in the past few years to better protect people's information," said a representative from Facebook.
Shortly after the 2018 political debacle, the social media platform updated its API to remove phone number data. Therefore, it is possible that the exposed database contains 18-month-old records. Even so, there is still a risk that users will become the target of spam and other forms of malicious attacks.
According to Comparitech, Facebook users should update their privacy settings. The ideal setting would be to block their profiles from showing up in search engine results. It looks like the archive was hosted in Vietnam, but research is still ongoing as to how the hackers were able to gather the data. As always, the public should be wary of sharing any of their personal information online.