Topic: Facebook's 533M accounts leaked online and what does it mean for crypto users (Read 312 times)

copper member
Activity: 2996
Merit: 2374

It didn't mention any plans on informing their users, but it does say they have a dedicated team working to take the dataset down. Good luck with that lol.
I don't think they are trying to take the dataset down (once it is in the public domain, it will always be out there). I think they are trying to find ways in which information can be leaked from Facebook.


The biggest risk of the leaked information is that a thief will try to port your phone number to hack your accounts. This can be mitigated by not using SMS 2FA and using token-based 2FA instead, such as Google Authenticator. It is possible that additional information will be combined with information from this leak that might lead to useful information about you. If this is a problem, it is too late now, but moving forward, you can use unique email addresses for each service you sign up for.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
Following a similar line, 500 million LinkedIn account records are up for sale (for a price that is not too steep) on these types of hacker sites, 2M of them being downloadable as proof for a couple of bucks.

See: https://cybernews.com/news/stolen-data-of-500-million-linkedin-users-being-sold-online-2-million-leaked-as-proof-2/

For some reason, I'm not surprised. This proves once again that social media is evil. Who will be next? Exchanges? Hackers easily break into social networks, all information about users is no longer their property.
Today, privacy is becoming a big problem, it is difficult to become completely invisible on the web. Therefore, you need to divide your life into the one that exists offline, and the one that is on the Internet. New name, new data. A parallel world, looking glass.
legendary
Activity: 3024
Merit: 2148
If you're practicing good security habits like using different emails and passwords for different accounts, using 2FA, not talking about your crypto publicly, then even if you got pwned, your money is safe. Events like this should be a wake-up call for people with poor understanding of basic security, and this forum has plenty of good guides for beginners, so use the search function and read them up.

legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
Following a similar line, 500 million LinkedIn account records are up for sale (for a price that is not too steep) on these types of hacker sites, 2M of them being downloadable as proof for a couple of bucks. The enclosed information included, amongst others, the full name, email, phone number, some professional data, and links to other social media accounts. It is not clear though how recent that data is.

Again, from a crypto point of view, the most obvious major risks are targeted SIM swaps or phishing campaigns that could be performed by a hacker who knows beforehand which profiles work in crypto-related firms or environments (allegedly not derivable from the hacked data itself). Mass phishing email/SMS campaigns may hit the jackpot, but targeted attempts on certain profiles could render decent results if people are not careful enough.

See: https://cybernews.com/news/stolen-data-of-500-million-linkedin-users-being-sold-online-2-million-leaked-as-proof-2/
hero member
Activity: 1834
Merit: 759
Small-ish late-ish update: Facebook apparently addressed this the other day in their blog:

On April 3, Business Insider published a story saying that information from more than 530 million Facebook users had been made publicly available in an unsecured database. We have teams dedicated to addressing these kinds of issues and understand the impact they can have on the people who use our services. It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019.

It didn't mention any plans on informing their users, but it does say they have a dedicated team working to take the dataset down. Good luck with that lol.
legendary
Activity: 2436
Merit: 1189
Yeah, I heard about it and am still hearing/seeing some articles shared on Facebook. This news again warns people to always take care with social media. These types of things/news help people to reduce their trust in online services. And this affects the crypto world and online banking system a lot, IMO.

On one side Facebook is forcing its users to use real details and contacts; on the other hand hackers are stealing the real information and publishing it publicly. That's really bad to hear.

Some suggestions to the crypto users.

1. Don't use a real Facebook account to discuss or share something about crypto
2. Don't hold your password/private keys in Facebook messages.
sr. member
Activity: 2520
Merit: 280
Oh no, I have been pwned!

One of my throwaway accounts used for social media login shows that it was reported in 3 data breaches and no pastes, which means I am at risk now.

I advise you to change the password on your FB and also if you use that password for other accounts, change it.
Never open messages from unknown users and specifically do not click on any links within these messages.
Also do not answer calls from unknown people and do not open messages from unknown people and you will be fine.
I don't even know the password, but surely I will change the password soon, and I am sure that I didn't use that kind of password for my primary emails and other stuff where money is involved.

And also I blocked every call coming from someone who is not in my contacts, so the hackers have very little chance though.
legendary
Activity: 3402
Merit: 1227
A somewhat strange question? Then tell me why publish your photos on the Internet at all? I don’t know how much everyone is aware of such information that if a photo gets on the Internet once, then it will never be removed from there. Everything remains in the memory. If, after a lapse of time, someone wishes to change or erase their information, it will be unsuccessful.
What should Facebook users do? Change passwords, do not register with your data, do not post photos, etc. All social media are evil. In our time, it is becoming more and more difficult to have the right to confidentiality, and those who regularly publish information about themselves, and subsequently suffer from any scammers, should only blame themselves for this.

What is even worse is that there are people, and they are many, I know who also post pictures of their little underage children, who may or may not agree to be fully online when they have reached a maturity of thought such as to exercise free will. And this decision their parents are taking now on their behalf is irreversible, as you correctly pointed out.
It has happened to me as well to be photographed and then posted online, in friends' social media profiles, while I was in the company of friends who have an unhealthy habit of publishing their lives online, without being asked for consent, as if it were the most natural thing in the world, and I find it really disturbing; and when I point it out they deal with me as if I was the weird one.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
The fact that Facebook collects user data to sell advertising packages is already serious; if it loses them and they are published on the internet, that is very serious. On the other hand, if you do not publish your personal photos, what is the point of using Facebook?

A somewhat strange question? Then tell me why publish your photos on the Internet at all? I don’t know how much everyone is aware of such information that if a photo gets on the Internet once, then it will never be removed from there. Everything remains in the memory. If, after a lapse of time, someone wishes to change or erase their information, it will be unsuccessful.
What should Facebook users do? Change passwords, do not register with your data, do not post photos, etc. All social media are evil. In our time, it is becoming more and more difficult to have the right to confidentiality, and those who regularly publish information about themselves, and subsequently suffer from any scammers, should only blame themselves for this.
hero member
Activity: 1834
Merit: 759
Is this the reason why there are tons of Facebook accounts now posting shitposts about some S3x scandals? But I'm sure those are not about the scandal but phishing links instead?

I have been thinking about this since the other day, because it looks like even in the groups I am in there are tons of posters with the same topic but different accounts.

Nope, the leak only contained personal information you gave to Facebook (Contact info, name, etc..); accounts themselves shouldn't be compromised unless victims are somehow phished, and there are no reports of that happening (yet).

What you're encountering are very likely troll/bot farms that operate on Facebook.

Why is it that Facebook didn't mention this? They don't want their users to know what happened, and for those people that are not into cyber security, this doesn't matter a lot to them.

Probably because this was the same dataset that was leaked in 2019. I absolutely agree that they should at least reach out to those who were affected, but knowing how most people on Facebook have zero sense of privacy, majority probably won't care lol.
legendary
Activity: 3374
Merit: 1824
Oh no, I have been pwned!

One of my throwaway accounts used for social media login shows that it was reported in 3 data breaches and no pastes, which means I am at risk now.

I advise you to change the password on your FB and also if you use that password for other accounts, change it.
Never open messages from unknown users and specifically do not click on any links within these messages.
Also do not answer calls from unknown people and do not open messages from unknown people and you will be fine.
hero member
Activity: 2128
Merit: 532
Oh no, I have been pwned!

One of my throwaway accounts used for social media login shows that it was reported in 3 data breaches and no pastes, which means I am at risk now.

Not really. You'd likely receive more business proposals from Nigerian princes and long-lost "relatives" but other than that, you should be fine.

That is, unless you've been using the same passwords for over a decade now.
hero member
Activity: 1344
Merit: 540
And now Have I Been Pwned has added search for leaked Facebook phone numbers:

Quote
The Facebook Phone Numbers Are Now Searchable in Have I Been Pwned

The headline is pretty self-explanatory so in the interest of time, let me just jump directly into the details of how this all works. There's been huge interest in this incident, and I've seen near-unprecedented traffic to Have I Been Pwned (HIBP) over the last couple of days, let me do my best to explain how I've approached the phone number search feature. Or if you're impatient, you can head over to HIBP right now and search for your number.

https://www.troyhunt.com/the-facebook-phone-numbers-are-now-searchable-in-have-i-been-pwned/

So for those who are in doubt, they can try this service and see how it goes.
full member
Activity: 2170
Merit: 182
I'm sure the majority of you have heard about the recent Facebook accounts being leaked online: 533 million Facebook users’ phone numbers leaked on a hacker forum.

And for those crypto users who have a Facebook account, this might be damaging, as these criminals might use your email and your phone numbers as a mode of entry for phishing and other points of entry.

You can use https://haveibeenpwned.com/ to check if your email has been compromised. But what's damaging is the phone numbers themselves. So if you ever receive emails or even text messages from unknown sources, do not click, or better, delete them. You don't want to be the next victim, as cyber criminals are all over now.
Is this the reason why there are tons of Facebook accounts now posting shitposts about some S3x scandals? But I'm sure those are not about the scandal but phishing links instead?

I have been thinking about this since the other day, because it looks like even in the groups I am in there are tons of posters with the same topic but different accounts.
sr. member
Activity: 2520
Merit: 280
Oh no, I have been pwned!

One of my throwaway accounts used for social media login shows that it was reported in 3 data breaches and no pastes, which means I am at risk now.
hero member
Activity: 3024
Merit: 680
Now I understand why I receive these text messages even though I don't sign my # to any website except facebook.

Why is it that Facebook didn't mention this? They don't want their users to know what happened, and for those people that are not into cyber security, this doesn't matter a lot to them.
sr. member
Activity: 1162
Merit: 450
Don't use social media platforms. Apply it to all social media platforms, not restricted to Facebook.

If you use Facebook
  • Don't upload your personal images
  • Don't talk about bitcoin, cryptocurrency on your Facebook (in status, shares, etc.)
  • Don't upload any screenshot of your portfolio, past trades, balance, etc.

Beyond Facebook, general advice for crypto enthusiasts
  • Use non-custodial wallets and don't store your cryptocurrency on exchanges longer than what you need
  • Don't store backup of your wallet file, private key, mnemonic seed, password on any online services. Store them off-line


Facebook is already an effective medium for online social interactions, which is then also helpful for gaining both personal popularity and project engagement. Regardless of being used personally or exclusively for a certain reason, social media apps are a great tool to both learn and share ideas. Hence, many people, even crypto enthusiasts, would still use them.

Also, there are accounts on social media websites that are open to the public. Meaning, people can view their personal information due to their privacy settings not being configured well. This can easily be prevented by simply making your account private and only visible to people you add first. These info leaks were often from scraped data. Therefore, even if your data is leaked, the chance of your financial accounts and personal social media credentials really being hacked is small, as long as the security on your side is strong.
legendary
Activity: 3402
Merit: 1227
Don't use social media platforms. Apply it to all social media platforms, not restricted to Facebook.

If you use Facebook
  • Don't upload your personal images
  • Don't talk about bitcoin, cryptocurrency on your Facebook (in status, shares, etc.)
  • Don't upload any screenshot of your portfolio, past trades, balance, etc.

Beyond Facebook, general advice for crypto enthusiasts
  • Use non-custodial wallets and don't store your cryptocurrency on exchanges longer than what you need
  • Don't store backup of your wallet file, private key, mnemonic seed, password on any online services. Store them off-line



Let me add a big AMEN to what you wrote.

Social media are a huge market of users' personal data: users give them away for free and they make huge profits whose order of magnitude most users don't even have a clue about... and, as if that were not enough, they are not even able to protect them from hacking.
I personally use them with fake data, zero personal info and only secondary email addresses, different from the ones I use for everyday purposes.
legendary
Activity: 2478
Merit: 1492
A major part of Facebook crypto users have fake accounts with a half-naked woman as a profile picture, to get more friends and receive more stakes from bounties. I don't think they will be worried much about this leak. They also use "get-free-SMS" services to verify Facebook accounts, plus free emails. So I think they don't lose much.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
The use of this database is generally going to be through mass email campaigns, targeting a large segment of the DB rather indiscriminately. Since the initial DB has been apparently around for around a year and a half, it’s highly likely that many accounts have already received emails using that DB as a source, with multiple pretexts.

What could be a more targeted, subtle potential approach is for someone to use the information in the DB, knowing what specific accounts he wants to target. For example, someone could see an account or set of accounts that talk about crypto, go to the DB, and retrieve the phone (+name+date of birth) to try to perform a SIM swap, or a more targeted phishing attempt.