Information belonging to 267 million Facebook users found its way onto the dark web for a minuscule price tag of just $540.

Facebook once again finds itself in the spotlight after an unknown hacker(s) sold 267 million user profiles on the dark web. It is unknown when the company’s defenses were breached. The incident will likely only further stain Facebook’s already shaky reputation when it comes to data security.

Hundreds of Millions of Facebook Users Affected

The dark web hackers offered and already sold the 267 million Facebook user profiles for only $540. These worrying tales of the massive amounts of information sold cheaply are coming at a truly alarming rate.

Fortunately, the hacker did not manage to obtain passwords to stolen accounts. While this may not seem like such a big issue, there is the possibility of someone using passwords stolen from other sites in previous hacks.

The stolen data did, however, include Facebook IDs, email addresses, names, phone numbers, and dates of birth. This kind of information could lead to a wave of brute force attacks, as well as an entire flood of new phishing attacks. Even if only a small percent of the affected users end up fully-compromised, it could still mean that thousands may have their lives and identities ruined.

Advertisement
Continue reading below

A New Wave

The security researchers confirmed that the information is, in fact, legitimate. This could also pose additional troubles for Facebook, which is much akin to similar breaches in the past. Late in 2019, a database of nearly 420 million users, mostly belonging to U.S. citizens, ended up for sale online.

Back then, Facebook vowed, ‘We are looking into this, but believe it is likely information obtained before changes we made in the past few years to better protect people’s information.’

It is recommended that anyone who suspects that they may be affected by the new data leak should immediately change their password. Another security measure to consider for all users is to enable two-factor authentication (2FA) on Facebook and any other sites where sensitive data has been entered.

Third Massive Dark Web Data Dump in April

The sale of Facebook profile data is actually the third major data dump this month.

The first of the three took place early in April, according to reports when the data of 538 million Weibo users emerged on the dark web for a price tag of only $250.

Last week, reports revealed that the dark web was host to the sale of a massive data dump, offering half a million Zoom accounts for sale.