U.S. Steel will suspend operations at one of its plants, GM recalls 800,000 vehicles, and Facebook experienced another data breach. FOX Business’ Lauren Simonetti with more.
The private information of more than 267 million Facebook users was reportedly exposed online for anyone to access.
Continue Reading Below
Approximately 267,140,436 users, most of whom reside in the United States, had their Facebook IDs, phone numbers and names exposed in an unsecured database, according to a report published Thursday by cybersecurity firm Comparitech and security researcher Bob Diachenko.
| Ticker | Security | Last | Change | Change % |
|---|---|---|---|---|
| FB | FACEBOOK INC. | 206.06 | +3.56 | +1.76% |
The report warned users that the information within the database could be used to conduct spam and phishing schemes. The report also noted that users could be exposed to “other threats” but did not specify what those are.
FACEBOOK PLANS TO TACKLE 2020 US CENSUS INTERFERENCE ATTEMPTS
The information was exposed for two weeks before access to the database was removed, according to the report.
Facebook has not immediately responded to FOX Business’ request for comment.
It remains unclear how the user IDs and phone numbers were obtained but Diachenko believes it may be linked to an illegal process known as “scraping” or criminals in Vietnam who abused Facebook’s developer API, according to the evidence obtained by the firm and Diachenko.
Scraping is when automated bots copy troves of data from various websites usually placed into a database, often for analysis.
GOOGLE, FACEBOOK ANTITRUST PRESSURE GROWS AS US LAWMAKER CHEERS UK INVESTIGATION
It is possible the data was stolen from API before the company restricted access to users’ phone numbers back in 2018, according to Diachenko.
Prior to 2018, phone numbers were available to third-party developers, according to the report. However, API may also have a hole in its security system that may allow criminals to access the records even after access was restricted, the report said.
Another possibility is that the information was “scraped” from publicly visible profile pages.
“It’s difficult for Facebook and other social media sites to prevent scraping because they often cannot tell the difference between a legitimate user and a bot,” the report read.
Diachenko warns users to be on the lookout for suspicious text messages. In addition, Facebook users can minimize the risk of having their information “scraped” by adjusting their profile privacy settings.
To do so users must:
- Open Facebook and go to “Settings”
- Click “Privacy”
- Set all relevant fields to “Friends” or “Only me”
- Set “Do you want search engines outside of Facebook to link to your profile” to “No”
419M FACEBOOK USERS’ ACCOUNTS, PHONE NUMBERS FOUND ON ONLINE DATABASE: REPORT
This comes just after records of more than 419 million Facebook accounts — including phone numbers associated with the accounts — were found online in September. The records were found across several databases on a server that was not protected by a password, TechCrunch reported.
FOX Business’ Ann Schmidt contributed to this report.
