Facebook takes another dive into the pool of outrage when it comes to the handling of user data. Unfortunately, the saga continues. They have been blamed for questionable data-sharing practices and lax security.  Yesterday, it was reported that profile details of over 267 million Facebook accounts were up for grabs on the Dark Web for about KES 60,000.

Facebook Profile Details Up For Grabs On The Dark Web

The stolen data included account details such as names, unique Facebook user IDs, and phone numbers. Fortunately, these details don’t include passwords and other such credentials. However, they can still leave users prone to all sorts of troubles such as phishing and spamming.

According to Gadgets360, Comparitech came across the cache of Facebook account data stored on an Elastisearch server. This data that supposedly belongs to 267 million Facebook accounts were posted on hacker forums as downloadable material. More worryingly, the sensitive data is up on the Dark Web for sale.

Start off your week with tech news recap and trending conversations in your inbox

Enter valid email-id

Subscribe

I prefer it on Telegram

Cyber-security intelligence firm Cyble has discovered this and purchased the data for verification. They found that the cache did contain sensitive user information. The company has put details of the affected Facebook accounts on its Amibreached.com repository. Here, users can check if their Facebook account was compromised.

Cyble Investigation

Scraping refers to copying data from webpages by automated bots, even though it is against terms of services. As of now, researchers have been unable to pinpoint the exact method or vulnerability that led to the data compromise. The two possible culprits, however, are exploiting flaws in Facebook API.

Shortly after, another server containing data of an additional 42 million accounts on a server was discovered. However, it was reportedly hacked by another party trying to warn the owners that their server is unsecured.

All the data on the server was replaced with dummy information. Notably, a majority of Facebook accounts whose data was put up for sale belonged to users based in the United States. So far, we are yet to come across any reports of users being scammed after taking advantage of the leaked data.