Among the leaked user information from Facebook, posted on the Internet over the weekend, there are also data on more than a million Czechs. According to the Avast antivirus software company, private data on 533 million Facebook users from 106 countries was released.
Although Avast notes that the leak is a relatively old matter, and Facebook has already removed the vulnerable component from 2019, the data had not been leaked to the Internet until now, and it still has the potential to put the safety of Facebook users at risk.
Among the published data are also telephone numbers that cybercriminals can use for so-called SIM swapping, i.e., redirecting the security codes of two-phase authentication used to verify identity when logging in to e-mail, to their own devices. Using this method, according to Avast, criminals can gain access to the victim’s e-mail. As a result, they could potentially take control over the user’s other online accounts and their entire digital identity.
“People who had their Facebook account connected to a phone number in 2019 are encouraged to change their settings so that they can only log in to their account using an authenticator provided by, for example, Microsoft or Google. These users may also face more frequent phishing attacks, so they should be more careful about the SMS they receive,” said Avast’s analyst Christopher Budd.
The data appeared over the weekend on a certain hacking internet forum. The Business Insider was the first to inform about it on Saturday, and according to US media, the leaked data is available completely free of charge. The data comprises telephone numbers, full user names, geolocation data, e-mail addresses, and birth dates. According to Axios, however, information on user passwords is not present in the database.