According to Alon Gal, the CTO of cyber intelligence firm Hudson Rock, there are data from more than 32 million accounts in the United States, 11 million in the United Kingdom, and 6 million in India.
Details in some cases include full name, location, date of birth, email addresses, phone number and relationship status, he said.
Hudson Rock showed CNN Business the phone numbers of two of our senior employees listed in the database.
The leak was first reported by the news website Insider.
“This is old data that was previously reported in 2019. We found and resolved this issue in August 2019,” Facebook spokesman Andy Stone told CNN on Saturday.
Facebook did not say whether it notified affected users at the time.
Stone added, “In 2019, we removed people’s ability to find others directly with their phone number on both Facebook and Instagram – a feature that can be exploited using sophisticated software code to impersonate Facebook and provide a phone number. to find out which users it belongs to. to. ”
Although this data is from 2019, it can still be of value to hackers and cyber criminals, such as those involved in identity theft.
Hudson Rock’s Alon Gal pointed out on Twitter that the way the data was sorted and posted to the hacking site this week makes it much more accessible for criminals to abuse.
Rachel Tobac, an ethical hacker and CEO of SocialProof Security, told CNN, “This is the data cybercriminals spend time looking for social engineering attacks (a type of hacking) – but now it’s all in one place and easily accessible. in this leak, making social engineering faster and easier. “
