According to a report by a cloud security course firm, two databases with more than 300 million Facebook user records were found exposed on the Internet to anyone’s reach. Security firm Comparitech, in collaboration with researcher Bob Diachenko, was in charge of the incident report, involving two Elasticsearch implementations. Although the investigation is still ongoing, the expert believes that this information is likely to be collected through abusive social media data search activities linked to gangs of cybercriminals based in Vietnam.
Among the compromised details is Facebook user IDs, names and phone numbers linked to accounts. Threat actors could use this information to deploy phishing campaigns, mass sending of spam SMS, and even some variants of identity fraud. Although the researchers immediately reported their finding, they noted that the database had already been shared in a hacking forum.
Members of the cloud security course firm mention that a database with more than 260 million records was initially found. A few days later, researchers found a second exposed Elasticsearch implementation, containing more than 42 million records, so the incident has reached nearly 310 million exposed records.
It is a protocol in the cybersecurity community to issue the report to the company that owns the database when a researcher makes such a finding. However, because researchers believe this database is managed by a cybercriminal group, researchers focused on trying to identify the IP addresses associated with the databases, the cloud security course firm mentions.
It is not yet clear how cybercriminals gained access to the phone numbers of affected Facebook users. The International Institute of Cyber Security (IICS) considers that one possibility is that information was extracted from a Facebook developer’s API before the social network restricted access to this data.
It should be noted that developers outside Facebook had access to this information before the company updated its policies in 2018, so this data may be out of date.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.