A Facebook vulnerability in 2019, which bad actors used to break into 533 million Facebook users, has been uploaded on a popular cybercrime web forum.
In a Twitter post by Alon Gal (Under the Breach), he mentioned that the details included in the breach were Facebook IDs, Mobile Numbers, Email Addresses, Gender, Date of Account Registration, Relationship Status, Biography, Full Name, Past Location, Birthdate, etc.
The leak had the CEO of Facebook, Mark Zuckerberg’s Phone number, and Co-founders, Chris Hughes and Dustin Moskovitz, who were the fourth, fifth, and sixth members to register their numbers on Facebook when it was founded.
As CEO of Facebook, Mark Zuckerberg’s phone number was registered to the Signal Messaging App. It appears Mark Zuckerberg respects his privacy since the Signal Messaging app is end-to-end encryption, and Facebook doesn’t own it.
The Data that was obtained was from 106 countries worldwide. The vulnerability used to exploit and get the data was automated scripts that scrapped a Facebook profile for public user data. Facebook has recently fixed the bug.
Since the Data is now available for public disclosure, it is more likely that bad actors will use the information for Social Engineering, Scamming, phishing scams, and many other cybercrimes.