The Personal Data of 267 Million Facebook Users Leaks Online

The Personal Data of 267 Million Facebook Users Leaks Online

If you’re a Facebook user wondering if your personal information has been leaked, the answer by this point is almost certainly “yes.” The latest privacy snafu in a long series of them involves about 267 million users. Comparitech and security researcher Bob Diachenko spotted a repository of Facebook user data exposed online for multiple weeks. It has since vanished but not before links to the data appeared on hacker forums. Yes, this is the company that wants to create its own operating system so it can stop using the open source Android OS.

The data was available in Elasticsearch, a distributed full-text search engine. The researchers report that the Facebook database first appeared in Elasticsearch on or around December 4th. On December 12th, the data appeared as a download on a hacker forum. Two days later, Diachenko discovered the database and sent an abuse report to the ISP associated with the AP address. On December 19th, the database vanished from Elasticsearch.

We can safely assume an unknown number of online criminal types managed to grab the database before it went offline. The 267,140,436 records didn’t include passwords or other highly sensitive information, but it did have Facebook IDs, phone numbers, full name, and a timestamp. From that, someone could find your Facebook profile to gather more intelligence and conduct an effective phishing attack. Comparitech notes that the database would be idea for SMS-based scams.

The Personal Data of 267 Million Facebook Users Leaks Online

We don’t currently know how the data ended up online. It’s possible a group gained access to Facebook’s system via a security flaw, but it may also have come from Facebook’s developer API. The company restricted access to that API in 2018 after the scale of the Cambridge Analytica scandal came to light. Previously, Facebook’s lax policies made it easy for developers to scrape data from the social network. While sharing that data was technically against Facebook’s rules, it had no way to stop it.

It’s troubling that this lead of millions of user records is actually a relatively minor scandal for Facebook. The company says it is looking into the incident but says it believes the data was taken before it changed its API rules last year. It’s not too worried about the outcome of the investigation, though. The social network has set aside $3 billion to cover future fines related to its privacy practices.

Continue reading

Apple Cuts Fees in Half for App Store Developers Earning Less Than $1 Million
Apple Cuts Fees in Half for App Store Developers Earning Less Than $1 Million

Going forward, Apple's customary 30 percent cut of sales on the iOS platform will drop to just 15 percent for smaller developers. Epic, however, claims this is just an attempt to split the developer community.

There Are Still 100 Million PCs Running Windows 7
There Are Still 100 Million PCs Running Windows 7

Microsoft officially ended update support for Windows 7 last year, but millions of PCs are still running this software of yesteryear. According to long-time Microsoft reporter Ed Bott, that number is probably north of 100 million a year after the end of support.

Google Slashes Play Store Fees for Developers Making Less Than $1 Million
Google Slashes Play Store Fees for Developers Making Less Than $1 Million

Google has followed Apple's lead in announcing a new, lower revenue split for all earnings under $1 million per year. Instead of paying 30 percent of every sale, developers in this category only pay 15 percent.

Man Blames Apple After iPhone Scam App Steals $1 Million in Bitcoin
Man Blames Apple After iPhone Scam App Steals $1 Million in Bitcoin

He made the mistake of downloading an app from the iOS App Store. In the blink of an eye, his fortune was gone, and he blames Apple.