October 4, 2021

WORLD: Data Of Over 1.5 Billion Facebook Users Is Being Sold On A Popular Hacking-Related Forum. Major Global Outage: Facebook, WhatsApp, Instagram Down. FB Employees Locked Out.

PrivacyAffairs.com
written by Miklos Zoltan
Sunday October 3, 2021

The private and personal information of over 1.5 billion Facebook users is being sold on a popular hacking-related forum, potentially enabling cybercriminals and unscrupulous advertisers to target Internet users globally.

If authentic, this may constitute one of the biggest and most significant Facebook data dump to date.

Later Update: Some forum users claim they were scammed by the alleged seller, raising questions about the authenticity and claimed magnitude of this leak.
Important Clarification: This is completely unrelated to the global Facebook outage experienced on 4 October 2021.

The timing of this news post and the Facebook outage constitutes an unfortunate coincidence leading to many incorrectly assuming a connection between the two.

Several websites and Twitter accounts incorrectly attribute the 4 October Facebook outage to this alleged data leak.

Our initial article was published 12 hours before the Facebook outage happened.

Further Clarification: It’s alleged that the data was obtained by scraping publicly available data shared by users. Several media outlets and Twitter users misinterpret this to have resulted due to a hack or data breach, which is not the case.
It is seemingly unrelated to an earlier 2021 Facebook data dump, where 500 million users were affected. Highlights:
  • Data scrapers are selling sensitive personal data on 1.5 billion Facebook users.
  • Data contains users’: name, email, phone number, location, gender, and user ID.
  • Data appears to be authentic.
  • Personal data obtained through web scraping.
  • Data can be utilized for phishing and account takeover attacks.
  • Sold data claimed to be new from 2021.
  • Some prospective buyers claim they were scammed by the seller and no data was delivered after payment was made
In late September 2021, a user of a known hacker forum posted an announcement claiming to possess the personal data of more than 1.5 billion Facebook users. The data is currently up for sale on the respective forum platform, with potential buyers having the opportunity to purchase all the data at once or in smaller quantities.

One prospective buyer claims to have been quoted $5,000 for the data of 1 million Facebook user accounts.

According to the forum poster, the data provided contains the following personal information of Facebook users:
  • Name
  • Email
  • Location
  • Gender
  • Phone number
  • User ID
Related: Dark Web Price Index 2021 – We looked into the prices hackers charge for items such as hacked Facebook, Instagram and LinkedIn accounts and even online banking logins on the dark web
Update: After this news was initially published, a forum user and prospective buyer claimed they paid the seller but haven’t received anything in return. The seller hasn’t yet responded to these accusations.

All we know at this moment is that the multiple samples provided to forum users appeared to be real.
Samples presented on the forum show that the data indeed seems to be authentic.

Cross-checking them with known Facebook database leaks resulted in no matches, implying that at first glance, the sample data provided is unique and not a duplicate or re-sell of a previously known data breach or scraping.

The seller claims to represent a group of web scrapers in operation for at least four years, alleging that they’ve had over 18,000 clients during this time.

Data Obtained by Scraping

The traders claim to have obtained the data by scraping rather than hacking or compromising individual users’ accounts. Scraping is a process of web data extraction or harvesting where publicly available data is accessed and organized into lists and databases.

While technically, no accounts have been compromised, this is little solace to those whose data may now end up in the hands of unscrupulous internet marketers and likely also in the hands of cybercriminals.

Unethical marketers may utilize this data to bombard specific individuals or groups of individuals with unsolicited advertising.

The fact that phone numbers, real-life location, and users’ full names are included in the data is especially concerning. In addition, SMS and Push notification spam are becoming increasingly more prevalent even though most countries made these practices illegal many years ago.

Data Can be Used to Jeopardize Users’ Security

For example, hackers can use the scraped data to conduct sophisticated phishing attacks or social engineering attacks.

Identifying individual users’ phone numbers makes it possible for cybercriminals to send fake SMS messages to affected users pretending to be various entities such as Facebook itself or even banks.

Users will then be invited to click on a link to either claim a prize, update their security settings, change their passwords, or do something similar.

After accessing the link, they will be redirected to a cloned version of the website the perpetrators pretend to represent. Then, if the user enters their actual current password, the cybercriminals will be able to hijack the affected account.

This is how Facebook accounts and even online banking logins are sold on the dark web for as cheap as just $10.

How is Facebook Data Scraped?

Scraping is the process of automatically collecting publicly available and accessible data online with the help of computer programs.

The majority of such data is obtained from simply scrapping Facebook profiles that have been set to “Public” by their owners. Unfortunately, the vast majority of personal information is freely shared and made available to the general public by Facebook users themselves.

Another popular – but illegal – method of data scraping is through fake Facebook surveys or quizzes.

Every Facebook user has seen a post such as “Find out your Game of Thrones Lookalike with this Survey” or “Take this Quiz to Find out When you Will Get Married,” etc. Usually, these are schemes to obtain users’ personal data.

Every time someone enters one of these surveys or quizzes, they permit the creators of these games to view their personal Facebook information such as full name, email, phone number, location, gender, and more.

Facebook Users are Advised to Enhance their Security

It’s generally not recommended for Facebook users to set their accounts to be fully public.

Similarly, one should never enter random quizzes, surveys, or games on Facebook unless offered by a known and verified publisher. Almost always, these are, sadly, schemes used for data mining and scrapping.
60 Minutes published October 3, 2021: Frances Haugen says in her time with Facebook she saw, "conflicts of interest between what was good for the public and what was good for Facebook." Scott Pelley reports.

Breitbart.com
written by Alana Mastrangelo
Monday October 4, 2021

Cybersecurity expert Brian Krebs says Facebook, as well as its Instagram and WhatsApp platforms, are all suffering from ongoing global outages due to someone from inside Facebook updating the company’s Border Gateway Protocol (BGP) records, which took away the map telling the world’s computers how to find its online properties. According to a New York Times reporter, employees cannot even open doors with their security cards due to the catastrophic outage.

While it remains unclear why this happened, Krebs says how it happened is clear: On Monday morning, something inside Facebook caused the company to rescind key digital records that tell computers and other devices how to find the destinations online.

Doug Madory, director of internet analysis at the network monitoring company Kentik, said someone at Facebook caused an update to be made to the company’s BGP records, which resulted in the company’s system taking away the map telling the world’s computers how to find its various online properties.

Now, when someone types Facebook.com into a web browser, the browser has no idea where to find the website, and therefore displays an error page.

In addition to preventing its billions of users from utilizing the social media platform, the Facebook outage has also prohibited the company’s employees from communicating with each another using their internal tools, as Facebook’s email and tools are all managed in house, via the same domains that are now offline.
Breitbart News has reported extensively on the “Facebook Files” series from the Wall Street Journal which made a number of damning claims about the tech giant based on a series of internal company documents.

It remains unclear whether the changes from within Facebook were made maliciously or by accident, Krebs says.

Madory said someone at Facebook could have just screwed up, noting, “In the past year or so, we’ve seen a lot of these big outages where they had some sort of update to their global network configuration that went awry.”

“We obviously can’t rule out someone hacking them, but they also could have done this to themselves,” Madory added.

Meanwhile, several different domain registration companies have listed Facebook.com as up for sale, although it is unlikely the domain will be actually be sold.
Project Veritas published May 25, 2021: Facebook Whistleblowers LEAK DOCS Detailing Effort to Censor Vaccine Concerns on Global Scale.
Breitbart News
written by Allum Bokhari
Wednesday June 2, 2021

Facebook founder and CEO Mark Zuckerberg emailed NIAID director Anthony Fauci in the early months of the COVID-19 pandemic to thank him for his “leadership” during the pandemic, and alert him to the rollout of Facebook’s coronavirus information hub, which artificially boosted “authoritative” information about the virus.

The emails show Zuckerberg requesting a video Q&A with Fauci, because, in the Facebook founder’s words, “people trust and want to hear from our experts rather than just a bunch of agencies and political leaders.”

The emails were revealed through FOIA requests made by the Washington Post and Buzzfeed.

One paragraph of the email was redacted with FOIA exemption code b(4), meaning it contains “trade secrets and commercial or financial information obtained from a person [that is] privileged or confidential.”

The email, dated March 15, 2020, is copied in full below.
Tony:

I wanted to send a note of thanks for your leadership and everything you’re doing to make our country’s response to this outbreak as effective as possible. I also wanted to share a few ideas of ways we could help you get your message out, but I understand you’re incredibly busy, so don’t feel a need to reply unless these seem interesting.

This isn’t public yet, but we’re building a Coronavirus information Hub that we’re going to put at the top of Facebook for everyone (200+ million Americans, 2.5 billion people worldwide) with two goals (1) make sure people can get authoritative information from reliable sources and (2) encourage people to practice social distance and give people ideas for doing this using internet tools. This will be live within the next 48 hours.

As a central part of this hub, I think it would be useful to include a video from you because people trust and want to hear from our experts rather than just a bunch of agencies and political leaders. This could be done in a number of formats if you’re open to it. Probably best would be recording a Q&A where you answer people’s top questions, but we’d be open to other formats too.

I’m also doing a series of livestreamed Q&As with health experts to try to use my large following on the platform (100 million followers) to get authoritative information out as well. I’d love to have you do one of these Q&AS. This could be the video we put in the Coronavirus Hub or it could be a different thing that we distribute separately, but I think it could be effective as well.

Finally, [REDACTED (b)(4)].

Again, I know you’re incredibly busy, so don’t feel the need to respond if this doesn’t seem helpful. If it’s easy to talk live, give me a call anytime on my mobile phone: [REDACTED (b)(6)].

Thanks again for everything you’re doing.

Mark
A second email shows Fauci responding to Zuckerberg, accepting his “terrific” invitation.

UPDATE 10/4/21 at 4:40pm: Added info below. UPDATE 10/4/21 at 4:49pm: Added info below.

No comments: