267 Million+ Records for Just $600
As if Facebook is not having enough aches, leakage of sensitive data is adding to it now. Bob Diachenko, a security researcher, has found an open database containing more than 267 million user records last month through an Elasticsearch scan. And when he informed the relevant ISP, they took down the server hosting that database. But, there’s yet another server brought online immediately, which has the same 267 million records plus another 42 million! The database mostly contained the profiles of US citizens, and 16.8 million records of the entire database have email addresses, birthdate, and gender. The whole database was on sale for a price tag of £500 ($623) in hacking forums of the dark web. Cyble, a cyber intelligence firm who purchased to verify the database, agreed the database is adequate for conducting phishing and spamming related attacks. Cyble and Bob Diachenko said they still don’t understand how this database was compiled and leaked and believes to be a mistake of third-party Facebook API leak or data scarping. Whatever, the records contained email addresses, name and phone numbers in few cases, which are enough to spoof users into phishing sites and steal their credentials for further hacks. Cyble recommends users to be aware of unsolicited emails and tightening their privacy settings on Facebook. Via: BleepingComputer