In line with a security analyst, the personal information for over half a billion Facebook users was leaked on a well-trafficked hacking forum recently – a possible risk to many cryptocurrency traders and hodlers who now could also be susceptible to sim swapping and other identity-based attacks.
The trove of data was primarily discovered by Alon Gal, CTO of security firm Hudson Rock, who revealed it on Twitter regarding the data leak:
As per Gal, the leak is said to a security vulnerability first discovered earlier in 2019. Also in January this year, it became known that hackers were able to use the data to access user’s phone numbers; the leak has now expanded to incorporate “Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.”
In line with Gal, the info could now permit hackers and scammers to deploy a spread of social manipulation exploits and other nefarioustactics:
“Bad actors will definitely use the info for social engineering, scamming, hacking as well as marketing.”
Cryptocurrency users are at particular risk of such attacks. Also earlier this year, a victim of a sim-swapping attack sued mobile company T-Mobile for $450k, and in 2018 Kaspersky Labs found that hackers were able to steal 21,000 ETH, presently worth over $43 Mln, in social engineering attacks over a 12-month period.
The data breach is additionally orders of magnitude larger than the Ledger breach late last year. Shortly after over 270k users’ data was leaked online, users reported extortionist threats and thought of lawsuits against the hardware wallet company.