Over 309 Million Facebook user’s data are now exposed on the Dark Web and being sold by the Threat actors for 500 Euros or $542. The data includes the user’s personal information such as first name, last name, email address, Facebook ID, status, age, gender and last login timestamps. Though there were no account passwords included, leaked users are still vulnerable to spear phishing, spamming, social engineering scheme to set off further exploitation of the victim’s data.
A security research firm bought the data in order to verify authenticity. It was concluded that the data might have come from a security hole on Facebook’s API or from data scraping from publicly available profile pages.
It was first reported that the data only consists of 267 million users that are only from the US region, but there were 42 million new records added later on.
Though passwords were not included on the said leak, a simple email address search in the Dark Web could display relevant passwords to try on. So, it’s best to have a unique password on Facebook that is not being used in other account platforms/websites.
The Dark Web is isn’t being indexed by Search Engines. Credit Card numbers, all manner of drugs, counterfeit money, stolen subscription, and software that is being used to hack people’s computers all getting sold in Dark Web. However, not everything in the Dark Web is illegal as it also has a legitimate side.
If you are someone that shares everything on social media, it will not be a surprise if these hackers will target you. There are almost 2.5 Billion active users on Facebook as of the 4th quarter of 2019, and it’s the biggest Social Media network being used worldwide. With the massive amount of Facebook users, you won’t know who the person on the other side of the screen is, which is potentially perusing your Facebook account for your essential information.
Look into these tips on how to stay safe on Facebook:
- Enable the 2FA Authentication in your account. Under Account Settings > Security and Login > Two Factor Authentication.
- Limit the people who can catch sight of your posts by setting all relevant fields in Public Post setting to ‘Friends’. Go to Account Settings > Privacy > Public Post > choose ‘Friends’ for all settings.
- Enable Safe Browsing setting. Go to Account Settings > Security and Login > Advanced > Safe Browsing.
- Remove unknown contacts. Only accept a friend request from people you know personally.
- Update your account password every 60 days and only use a strong password that consists of alphanumeric with special and case-sensitive characters (Especially if you are from the United States, update it now!)
- Lastly, do not share everything on social media. As you do not really know who is stalking your account to phish some of your personal information.