Facebook Security Breach: Leaked 267 Million Names, Phone Numbers

If you start receiving more telemarketing calls, you can blame Facebook.

Recently, a security researcher named Bob Diachenko found a database of user account info including their name and phone numbers for 267 million Facebook users. It was available in an unprotected format and copied to other hacker forums, Forbes reports.

Reports indicate that this presents a treasure trove of data for telemarketers and spam purveyors because the data looks legitimate and comes from the social network itself, not from an untrusted source. (In some cases, leaked data that is old and outdated doesn’t help would-be scammers because the names and numbers are incorrect.)

Having this data means scammers can start new phishing scams and correlate the data from the phone records to Facebook user profiles.

The analyst says the data was potentially compromised through an API that gives developers access to back-end data, such as friend lists, groups, and photos.

He says at one time it was likely a protected, private database even on hacker forums, but was set to public and was readily available to anyone for about two weeks.

Hackers routinely download user information like this or purchase it on the Dark Web, but the difference with this data is that it has some authenticity since it also contains Facebook user information. And, because it contains phone numbers, it means hackers might be able to set up more sophisticated attacks that could include both a phone scam and an email scam.