The entire database is being sold for $30,000 on a hacker forum.
Article updated with additional information.
Last month a hacker was selling 267 million Facebook user data on a dark web marketplace. Now, a hacker or call them a threat actor is claiming to have access to a database with 500 million Facebook user data from 82 countries.
What’s worse is that the data is currently being sold on an infamous hacking forum, Hackread.com has learned.
As seen on the forum, the hacker has been offering the treasure trove of data since May 15th, 2020 and includes personal information such as,
Facebook profile links
Furthermore, the hacker has divided the price of the data into three parts, for instance, $1500 per million, $450 per 100,000, and $30,000 for 500 million for the entire database. The listing also states that the information in the database was stolen between November 2019 to May 2020.
As for the users’ location and the number of data being offered, here is the full list:
Costa Rica 1,400,000
Czech Republic 1,300,000
Hong Kong 2,900,000
Puerto Rico 130,000
Saudi Arabia 28,800,000
South Africa 14,300,000
United Arab Emirates 6,900,000
United Kingdom 11,500,000
So far it is unclear if the database has got any seller at all. However, it is worth noting that Hackread.com strictly stands against selling or buying user data.
The sample data seen by Hackread.com suggests that the database has been stolen from a misconfigured database or bought from a third-party marketing firm.
Remember, third-party firms can use data scrapping, a fairly common practice to extract the personal information of users from websites like Facebook or Twitter.
Facebook in particular allows users to access third-party websites by using their existing Facebook login information. This information can be accessed by cybercriminals in case proper security measures are not implemented. For instance, malicious elements can use ‘scraper bots’ to extract private information anonymously.
Nevertheless, the victims of the breach are yet again unsuspecting Facebook users who are now open to phishing scams, smishing attacks (SMS phishing), and identity theft using publically available photos on their profiles, etc.
If you are on Facebook, make sure to limit the information you share with the public. Also, keep your personal photos only accessible to those in your friend lists rather than public. Or you can simply learn how to permanently delete your Facebook account.
Hackread.com has learned that the seller has been scamming buyers over Facebook data and has been banned from the hacker forum. However, Hackread.com still confirms that the sample data shared by the seller/scammer contained legitimate information.