Personal information belonging to more than 267 million Facebook users has been exposed in an unsecured database of user account info on the dark web, it has emerged, Breitbart reports.
The Facebook IDs, phone numbers and full names of 267,140,436 users, most of them American, were discovered in the database by cybersecurity firm Comparitech and security researcher Bob Diachenko, according to a report published last week.
Comparitech, together with Bob Diachenko found that 267,140,436 Facebook users had their personal information exposed.
The data was found on an unsecured database on the “dark web,” the part of the internet that is inaccessible via regular browsers and is not indexed by search engines. According to the report, the data was publicly available for two weeks.
It is not yet clear how the information was accessed, but Comparitech suggested it may have been collected through “scraping,” an illegal process by which bots copy and collect data from web pages. Diachenko traced the database back to Vietnam. Scraping is forbidden by Facebook’s terms of service, but when a profile is listed as “public” it is easy to do.
The report warned that people identified in the database could be targeted by spam messages or phishing schemes. “Access to the database has since been removed, however, the records were available to anyone online for two weeks before the leak was discovered.”
In a statement to the Daily Mail, a Facebook representative tried to reassure the public that the leak occurred before new security measures had been put in place.
“We are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people’s information,” said the Facebook rep.