{"id":65038,"date":"2021-04-07T16:16:00","date_gmt":"2021-04-07T23:16:00","guid":{"rendered":"https:\/\/blog.mozilla.org\/foxtail\/?p=65038"},"modified":"2021-08-06T14:36:59","modified_gmt":"2021-08-06T21:36:59","slug":"facebook-data-leak-explained","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/en\/privacy-security\/facebook-data-leak-explained\/","title":{"rendered":"You\u2019ve been scraped, the Facebook data leak explained"},"content":{"rendered":"\n

In early April, it was reported<\/a> that there had been a Facebook data leak, raising alarms among Facebook account holders. Half a billion Facebook accounts were impacted. The dataset is from 2019, so it had been out there, but not widely circulated. Over the weekend, the data started popping up on popular hacking forums for free. The interesting story is where the data likely came from, what can be done with it, and what you can do to protect yourself.<\/p>\n\n\n\n

\"\"
Alert from <\/em>haveibeenpwned<\/em><\/a>.<\/em><\/figcaption><\/figure><\/div>\n\n\n\n

<\/p>\n\n\n\n

What was in the April 2021 Facebook data leak?<\/b><\/h2>\n\n\n\n

Data for more than 500 million Facebook accounts<\/a> was included in this data dump. It appears that most records included Facebook ID numbers, names, gender and phone numbers. Some records also included birth dates, location, relationship status and employer.<\/p>\n\n\n\n

Most of this data does not seem to have been acquired through typical data breach methods, meaning it wasn\u2019t collected by breaking into Facebook\u2019s databases. Instead, it was \u201cscraped\u201d from information that users themselves made visible.<\/p>\n\n\n\n

Attackers scraped Facebook data by exploiting a vulnerability in Facebook’s Contact Importer feature in 2019. From what has been reported<\/a>, the individuals probably used Android emulators<\/a>, which is software that simulates an Android device on a computer. They loaded, say, 10k phone numbers into the address book of the emulated device, installed Facebook’s mobile app, and used the app\u2019s “import contacts” feature to get the rest of the profile data for those 10k phone numbers. Then they wiped the device and did the same thing with another batch of 10k phone numbers, etc. etc.<\/p>\n\n\n\n

A combination of privacy settings led to data vulnerability:<\/p>\n\n\n\n