As I warned markzuckerberg few months ago,then you can see this privacy disaster on Facebook!!! Next has to be WhatsApp...
Some few days ag
o another privacy disaster hits Facebook users.But mark Zuckeberg and his team would not have read such news with surprise because I remember few months ago I wrote about the database uncertainties and irregularities especially in the login credentials.I have read mant tweets about this and seemingly many this it is a problem prone to the western hemisphere,am telling you that"africa" is also under this privacy threat!!It should be noted carefully that even whatsApp is with privacy issues,under some research on security of social media,I in June this year discovered that the VPNs used mainly in African can make many fall prey to privacy leakages of which leakages are Paramount to the users security in terms of gps location ,phone book,calls and sms ...etc..i i wi write about this later in my final analysis by the end of September.
To add insult to the already enraged privacy advocates, Facebook has yet again disappointed its user base. It has been revealed that 419 million phone numbers belonging to Facebook users have been exposed due to a breach in an online unsecured database.
The database contained 133 million records from the US, 18 million in the UK and 50 million in Vietnam. However, a Facebook spokeswoman has added that in actuality the data of 210 million users was revealed since the unsecured database contained duplication.
About more than a year ago, if you entered a phone number into Facebook’s search bar, it would reveal the account connected to that number. Although Facebook has abandoned this practice, it is believed that the phone numbers were scraped before it did so.
Unsecured database leaked phone numbers of 419 million Facebook users
Screenshot of the leaked database
However, according to GDI Foundation’s security researcher Victor Gevers tweeted that “Although Facebook had disabled the API that shares users mobile phone & address details back in 2011, this data leak with scraped Facebook details was deployed recently in August 2019 on the latest version (4.0.12) of MongoDB. There is also a mail server running on that server.”
Although Facebook had disabled the API that shares users mobile phone & address details back in 2011, this data leak with scraped Facebook details was deployed recently in August 2019 on the latest version (4.0.12) of MongoDB. There is also a mail server running on that server 🤔 https://twitter.com/zackwhittaker/status/1169327242528219136 …
There were several databases on the exposed server containing 419 million records — including 133 million on U.S.-based Facebook users and 18 million on U.K. users.
Nevertheless, the breach is still alarming for a number of reasons. Firstly, phone numbers are a goldmine for hackers who would definitely enjoy sending loads of marketing messages and calls to these users.
Secondly, they could be used to aid in sim swapping for users who have been using their phone numbers as a part of two-factor authentication. How serious can this be? Well, last week, Jack Dorsey’s Twitter account was compromised just due to such a technique despite him being the CEO so this leaves a layman much more vulnerable.
Moreover, the phone numbers were linked to Facebook accounts identifiable by a unique public ID assigned by the platform and that could be used to discern someone’s username.
“TechCrunch verified a number of records in theunsecured database by matching a known Facebook user’s phone number against their listed Facebook ID. We also checked other records by matching phone numbers against Facebook’s own password reset feature, which can be used to partially reveal a user’s phone number linked to their account,” reported the site.the unsecured database has been taken down with Facebook investigating in the meanwhile. We do not know if the affected users would be compensated in any way or even be informed. This leaves us with a simple yet profound lesson of not relying on companies no matter how big they may seem, there will always be human errors after all.
To add insult to the already enraged privacy advocates, Facebook has yet again disappointed its user base. It has been revealed that 419 million phone numbers belonging to Facebook users have been exposed due to a breach in an online unsecured database.
The database contained 133 million records from the US, 18 million in the UK and 50 million in Vietnam. However, a Facebook spokeswoman has added that in actuality the data of 210 million users was revealed since the unsecured database contained duplication.
About more than a year ago, if you entered a phone number into Facebook’s search bar, it would reveal the account connected to that number. Although Facebook has abandoned this practice, it is believed that the phone numbers were scraped before it did so.
Unsecured database leaked phone numbers of 419 million Facebook users
Screenshot of the leaked database
However, according to GDI Foundation’s security researcher Victor Gevers tweeted that “Although Facebook had disabled the API that shares users mobile phone & address details back in 2011, this data leak with scraped Facebook details was deployed recently in August 2019 on the latest version (4.0.12) of MongoDB. There is also a mail server running on that server.”
Although Facebook had disabled the API that shares users mobile phone & address details back in 2011, this data leak with scraped Facebook details was deployed recently in August 2019 on the latest version (4.0.12) of MongoDB. There is also a mail server running on that server 🤔 https://twitter.com/zackwhittaker/status/1169327242528219136 …
There were several databases on the exposed server containing 419 million records — including 133 million on U.S.-based Facebook users and 18 million on U.K. users.
Nevertheless, the breach is still alarming for a number of reasons. Firstly, phone numbers are a goldmine for hackers who would definitely enjoy sending loads of marketing messages and calls to these users.
Secondly, they could be used to aid in sim swapping for users who have been using their phone numbers as a part of two-factor authentication. How serious can this be? Well, last week, Jack Dorsey’s Twitter account was compromised just due to such a technique despite him being the CEO so this leaves a layman much more vulnerable.
Moreover, the phone numbers were linked to Facebook accounts identifiable by a unique public ID assigned by the platform and that could be used to discern someone’s username.
“TechCrunch verified a number of records in theunsecured database by matching a known Facebook user’s phone number against their listed Facebook ID. We also checked other records by matching phone numbers against Facebook’s own password reset feature, which can be used to partially reveal a user’s phone number linked to their account,” reported the site.the unsecured database has been taken down with Facebook investigating in the meanwhile. We do not know if the affected users would be compensated in any way or even be informed. This leaves us with a simple yet profound lesson of not relying on companies no matter how big they may seem, there will always be human errors after all.
Comments
Post a Comment