An exposed server on the web was found leaking the data of hundreds of millions of Facebook users. First reported by TechCrunch, the exposed server was discovered by security researcher Sanyam Jain who said that the database contained phone numbers of some celebrities as well.
Along with contact numbers, the database also contained Facebook IDs and in some cases names, countries, genders of users. Breaking it down, the database includes 133 million records from the US, 18 million from the UK, and 50 million from Vietnam.
However, the exposed server doesn’t belong to Facebook and the database wasn’t password-protected either.
Earlier, it was known that phone numbers of around 419 million Facebook users were leaked. But Facebook discarded that allegation and said that the number of affected users is nearly half of what is being claimed, as much of the database is duplicate information.
The company told Engadget that the data present on the server is old and the information present on it was scrapped before Facebook cut off the feature that allowed its users to be found by their phone numbers.
It’s still not known who harvested all that data and how it ended up on the server. This time there isn’t any Cambridge Analytica or an app “for research purposes” that tricks Facebook users into giving away their data. Facebook said it has taken down the database and hasn’t found evidence of any user account being compromised.
Still, it could be the case that at least some users might still be using the same phone number. In today’s time, it isn’t rocket science for malicious actors to take advantage of exposed phone numbers to do evil things not just on Facebook but elsewhere. Also, the database contains Facebook IDs – a unique number tied to a Facebook account – which can also be used to trace back to the users.