It's still unclear who owned the server storing hundreds of millions of records online without a password.

Dark Reading Staff, Dark Reading

September 5, 2019

1 Min Read

An unsecured server exposed 419 million phone numbers belonging to Facebook users, whose information was stored in several databases without password protection, TechCrunch reports.

The records spanned Facebook account holders in countries including the US (133 million), UK (18 million), and Vietnam (50 million). Each record held an individual's Facebook ID, which is a unique number connected to the account, and the person's phone number. Some also held the user's name, gender, and location. Affected databases were taken offline by the hosting provider.

User phone numbers have not been publicly available on Facebook since 2018, when the social media giant removed developers' access to them. It's believed whoever scraped the numbers did so before Facebook changed its policy allowing users to find friends using phone numbers. The identity of who scraped the information and why has yet to be confirmed, the report says.

Facebook has so far not seen any indication that user accounts have been compromised. Exposure of a phone number can leave victims susceptible to SIM swapping and spam calls.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "Meet FPGA: The Tiny, Powerful, Hackable Bit of Silicon at the Heart of IoT."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights