Social media platforms and user data leaks are no strangers to each other. Hackers often exploit a vulnerability to scrape data, and sometimes, sheer abuse happens by seemingly legit clients. Remember the Facebook-Cambridge Analytica scandal? Well, Facebook is again at the center of another huge data leak that has seen the personal information of over half a billion users making its way online. As per a report by BusinessInsider, the data of over 533 million users – which includes details such as phone number, email address, job info, and date of birth to name a few – was put up for sale online. And later, it was shared freely on the web.

Details include:

Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.

Bad actors will certainly use the information for social engineering, scamming, hacking and marketing.

— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021

And even if the percentage of users whose phone number was leaked stands at 20%, the number is still substantial. Plus, the phone numbers in the leaked dataset also come with the country codes neatly arranged, which means it can be abused by malicious parties on a regional basis to a variable extent. Aside from usual spamming, there are a ton of shady services out there that can abuse these millions of leaked phone numbers in different parts of the world.

The leaked data is everywhere

Of course, there are a lot of cybersecurity experts and regular users out there who are asking questions about the massive leak. Will Facebook take accountability? Is the social media giant going to notify users that were affected by the users? What steps users should take if their email and phone number were leaked? The risks of targeted attacks are high, especially given the massive scale and global reach.

Hunt notes that the leaked Facebook user data is not only available on hacking forums, but is also circulating together on social media platforms. “This data is everywhere,” he adds. While Facebook should be made to answer about the massive leak, the least that the company can do for its humongous user base is notify affected users, and it definitely has the resources to do so. A simple notification will be enough, for starters!