Khaberni -Khbarney - Facebook has witnessed one of the largest data breaches in the history of social media, where a hacker known as "Byte Breaker" announced the theft of data from 1.2 billion user accounts, and is currently offering this data for sale on the dark net.
Cybersecurity researchers have revealed that the stolen data includes sensitive personal information such as names, user identifiers, email addresses, phone numbers, dates of birth, gender, and users' locations like city and state.
New Facebook Breach
This leak results from exploiting a flaw in one of Facebook's tools that allows third-party applications to access user data, according to the "Daily Mail".
The hacker exploited Facebook's application programming interface (API) illegally, collecting a vast amount of data by exploiting a loophole that allowed bypassing restrictions on access to information.
The situation resembles exploiting a library system flaw that allows copying all caller data instead of just borrowing books.
Doubts about the extent of the leaks
Although "Byte Breaker" published a sample containing 100,000 user records to prove the validity of his data, cybersecurity experts and "Meta," the owner of Facebook, doubted these numbers, confirming that a significant portion of this data comes from a previous leak in 2021 that included only 533 million users.
Meta added that the alleged leak dates back to old data, and that the company has taken measures to protect users and prevent similar incidents, noting that the number of rows announced in the databases does not match the size of 1.2 billion records.
Precautions to protect privacy
Specialized agencies urge all Facebook users to take urgent measures to secure their accounts, such as changing passwords, enabling two-step verification, and freezing credit at banks.
They also warned that this stolen data is sufficient for internet criminals to open credit cards or access users’ financial accounts.
To protect electronic accounts from potential risks following data breaches, users are advised to avoid using the same password across multiple platforms and to update passwords periodically to maintain account security.
Activating two-step verification is also considered a fundamental tool that adds an extra layer of protection, making it difficult for hackers to access the account even if they obtained the password.
It is also important to continuously monitor bank accounts to detect any unusual activity that may indicate an attempt to breach or steal money, and to use alert services that notify the user immediately upon new financial transactions, which helps in taking quick actions to prevent damages.
