Facebook user IDs and phone numbers of over 500 million users are up for sale via a Telegram bot, according to a report by Motherboard. Mobile phone numbers of close to 500 million Facebook users are available for sale via an automated Telegram bot, reported Motherboard. The website was first alerted about the bot by Alon Gal, who is the co-founder and CTO of
Mobile phone numbers of close to 500 million Facebook users are available for sale via an automated Telegram bot, reported Motherboard. The website was first alerted about the bot by Alon Gal, who is the co-founder and CTO of cybersecurity firm Hudson Rock. Also Read - Telegram Desktop version 8.0 update released brings in multiple highly requested features
According to Gal, a vulnerability that was reported in 2020 and patched as well, was exploited to create a database containing the information of 533 million users across all countries. This includes data on Facebook users from countries including India, Australia, the US, and Canada. In India, data of over 6,162,450 users have been affected. Also Read - WhatsApp multi-device for iPad users in the works, release expected soon
Although the data is from 2019, it still poses a privacy and security risk for people whose phone numbers have been exposed. It is uncommon that users change their phone numbers every year, so a large number of users who might still have the same phone number associated with their Facebook account, which has been exposed. Also Read - Facebook Messenger is getting this important WhatsApp-like feature
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.
It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
“It is very worrying to see a database of that size being sold in cybercrime communities, it harms our privacy severely and will certainly be used for smishing and other fraudulent activities by bad actors,” Gal said.
The Telegram bot allows for identifying a person’s Facebook user ID if someone has their phone number and vice versa. “The initial results from the bot are redacted, but users can buy credits to reveal the full phone number. One credit is $20, with prices stretching up to $5,000 for 10,000 credits,” as per the Motherboard report.
This is not the first time that Facebook has come under the scanner for how it handles the privacy of users. In December 2019, details of over 267 million Facebook user’s IDs, phone numbers, and names were compromised. According to Comparitech, Bob Diachenko, a security researcher uncovered the database, which uploaded as a single file.Facebook user IDs, phone numbers of over 500 million users up for sale via Telegram bot View Story