Facebook may be facing its biggest-ever data breach. A hacker has allegedly claimed that they have put the private information of 1.2 billion social media accounts on sale. The cybercriminal, identified by the alias ByteBreaker, claims to have scraped the Facebook user data and is now offering it for sale on the dark web . The hacker reportedly used web scraping for reportedly stealing the data. This method involves employing automated tools to collect large volumes of data from websites. Cybersecurity researchers at Cybernews have suggested that the allegedly stolen data includes user details such as names, user IDs, email addresses, phone numbers, birthdates, gender information, and location data like city, state, and country.
Other investigators have suggested that ByteBreaker exploited a flaw within a specific Facebook tool designed to allow apps or programs to access user data. If these claims are substantiated, this incident would represent the largest single data-scraping event from a social media platform recorded to date. ByteBreaker published a 100,000-record user sample on the dark web to demonstrate their access to the data. However, both Facebook and cybersecurity specialists are sceptical that the attacker actually holds what they claim.
What Meta and cybersecurity researchers said about the data breach
A Meta spokesperson told the Daily Mail that the data ByteBreaker claims to possess originally stems from a 2021 Facebook breach affecting over 500 million users.
“This is from 2021, so it's not a new claim. We disclosed this years ago and have taken steps to prevent similar incidents from happening,” Meta said in a statement to Daily Mail.
Researchers at Hackread also discovered that portions of the 100,000-record sample ByteBreaker posted on the dark web originated in Facebook’s 2021 breach, suggesting the hacker may be recycling old data.
In their dark-web ad, ByteBreaker claimed to hold 1.2 billion accounts compressed into “200 million rows,” yet in standard databases, each row corresponds to a single user record. This means 1.2 billion users should occupy 1.2 billion rows.
Meta said to Daily Mail that it believes no new data was exfiltrated from Facebook, casting further doubt on ByteBreaker’s assertions.
However, officials have advised all Facebook users to immediately change their passwords, freeze their credit reports, and set up fraud alerts on their bank accounts. They warn that the data ByteBreaker exposed contains sufficient details for criminals to open credit cards in victims’ names or gain access to their financial accounts.
What the hacker said about the stolen Facebook data
ByteBreaker said that it exploited Facebook’s API, which is designed to let apps display basic profile info, to harvest massive amounts of user data without permission. By tricking or overusing the API, the hacker allegedly bypassed normal safeguards and downloaded contact details of these accounts.
Other investigators have suggested that ByteBreaker exploited a flaw within a specific Facebook tool designed to allow apps or programs to access user data. If these claims are substantiated, this incident would represent the largest single data-scraping event from a social media platform recorded to date. ByteBreaker published a 100,000-record user sample on the dark web to demonstrate their access to the data. However, both Facebook and cybersecurity specialists are sceptical that the attacker actually holds what they claim.
What Meta and cybersecurity researchers said about the data breach
A Meta spokesperson told the Daily Mail that the data ByteBreaker claims to possess originally stems from a 2021 Facebook breach affecting over 500 million users.
“This is from 2021, so it's not a new claim. We disclosed this years ago and have taken steps to prevent similar incidents from happening,” Meta said in a statement to Daily Mail.
Researchers at Hackread also discovered that portions of the 100,000-record sample ByteBreaker posted on the dark web originated in Facebook’s 2021 breach, suggesting the hacker may be recycling old data.
In their dark-web ad, ByteBreaker claimed to hold 1.2 billion accounts compressed into “200 million rows,” yet in standard databases, each row corresponds to a single user record. This means 1.2 billion users should occupy 1.2 billion rows.
Meta said to Daily Mail that it believes no new data was exfiltrated from Facebook, casting further doubt on ByteBreaker’s assertions.
However, officials have advised all Facebook users to immediately change their passwords, freeze their credit reports, and set up fraud alerts on their bank accounts. They warn that the data ByteBreaker exposed contains sufficient details for criminals to open credit cards in victims’ names or gain access to their financial accounts.
What the hacker said about the stolen Facebook data
ByteBreaker said that it exploited Facebook’s API, which is designed to let apps display basic profile info, to harvest massive amounts of user data without permission. By tricking or overusing the API, the hacker allegedly bypassed normal safeguards and downloaded contact details of these accounts.
You may also like
HMRC tax bill warning as pensioners receive 'simple assessments'
TikToker with 1 million followers calls DC shooter a 'resistance fighter', calls victims 'war criminals'; video taken down
World knows the truth, we have to reiterate it: Rajya Sabha MP Rekha Sharma on all-party delegation's visit to partner countries
MP Cong Chief writes to CJI Gavai to intervene over installation of Ambedkar's statue at HC premises
Rob Burrow's wife makes heartbreaking admission a year after rugby league icon's death
