200,000 Facebook Marketplace user records – including phone numbers, email addresses and other personal information – have been leaked on a hacker forum this week.
Sample data from the hack was initially shared online by IntelBroker, a well-known threat actor. Some of it has since been verified, with email addresses and phone numbers from random records being matched with sample data.
This hack is the latest cybersecurity concern to be added to the growing list of prominent data breaches.
200,000 Records Leaked
Threat actor IntelBroker shared the news that a sizeable Facebook Marketplace database was stolen by a user on Discord, who goes by the name of ‘algoatson’. It’s claimed that algoatson had hacked the systems of a Meta contractor, pulling the social media giant’s internal cybersecurity into question.
IntelBroker said: “In October 2023, a cyber criminal by the name of ‘algoatson’ on Discord, breached a contractor that manages cloud services for Facebook and stole its partial user database of 200,000 entries”.
This just in! View
the top business tech deals for 2024 👨💻
The leaked database contains a large variety of personal information, including names, email addresses, phone numbers, and Facebook IDs, as well as Facebook profile information.
Meta has not yet commented on the hack.
What’s The Risk of Facebook Breach?
The stolen email addresses and phone numbers can be used by threat actors in phishing attacks. More than that, this information can be used in SIM swap attacks, that allow hackers to steal multi-factor authentication codes sent via SMS in order to hijack a victim’s account.
To mitigate the impact, Facebook Marketplace users have been urged to replace their passwords and turn on two-factor authentication. It’s also recommended that individuals track their account activity for anything suspicious and tighten up their Facebook privacy settings as a whole.
IntelBroker is a well-known threat actor with a list of cybersecurity incidents to their name, including the sale of stolen data from Hewlett Packard Enterprise, an alleged breach of General Electric Aviation, and the breach of DC Health Link which led to the personal data of various U.S. House of Representatives members being leaked online.
Not The First Hack Of Its Kind
This latest Facebook Marketplace data leak is one of many that Meta has experienced in recent years. As the world’s most popular social media app, meaning ample opportunity for fraud, it’s estimated that 62% of Facebook users encounter scams every week.
Back in April 2021, more than 533 million Facebook accounts were found to have been leaked on a hacking forum, resulting in Meta being hit with a $275.5 million fine for failing to protect user information.
The stolen data exposed information such as names, phone numbers, relationship statuses and Facebook IDs. The phone numbers of Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz – three of Facebook’s founders – were also included in the data leak.