Original Release Date: 4/24/2020
Approximately 267 million Facebook records have been found available for purchase on a dark web hacker’s forum for $615 worth of bitcoin. The data appears to be from a misconfigured Elasticsearch server discovered in December 2019. Most of these records belong to US Facebook users and contain various forms of information such as profile links, full names, email addresses, phone numbers, ages, dates of birth, and addresses. Though the breach does not appear to include account passwords, threat actors may attempt to use this information to conduct various forms of social engineering attacks such as spear-phishing and smishing. Additionally, threat actors can easily weaponize information shared by users on social media. Oftentimes, information that is thought to be innocuous – such as a pet’s name or mother’s maiden name – can reveal the answers to common password retrieval security questions, as described in the FBI Charlotte Field Office post.
The NJCCIC recommends users exercise caution when opening unsolicited emails and text messages. Additionally, we advise users to review social media privacy and security settings, exercise caution when sharing information, and enable multi-factor authentication where available. Users can also check haveibeenpwned to discover if account credentials or information may have been compromised in other data breaches. Further information can be found in the HackRead article.