Metacurity

Share this post

Facebook Says Previously Undisclosed Theft of 533 Million Users' Data Was Scraping, Not Breach

metacurity.substack.com

Facebook Says Previously Undisclosed Theft of 533 Million Users' Data Was Scraping, Not Breach

Signal will handle cryptocurrency payments, New Android malware distributed by faux Netflix tool, EU orgs targeted with intrusions, $38M worth of stolen gift, payment cards sold on forum, more

Cynthia Brumfield
Apr 7, 2021
∙ Paid
Share
Share this post

Facebook Says Previously Undisclosed Theft of 533 Million Users' Data Was Scraping, Not Breach

metacurity.substack.com

Don’t miss out on breaking infosec news. Follow us on Twitter for updates.

Follow Us on Twitter

A massive trove of around 533 million Facebook users’ data that is circulating on hacker forums came from a 2019 breach that Facebook did not disclose in any significant detail at the time and only fully acknowledged Tuesday evening. Facebook makes a fine distinction regarding this breach, saying that the data was stolen via scraping and not technically an intrusion into protected systems.

The records stolen by the hackers come from an entirely different data set than any of the other numerous data breaches Facebook has experienced in recent years. The attackers accomplished the data theft by abusing a flaw in a Facebook address book contacts import feature, which Facebook said it patched in August 2019. Facebook says it did not notify users about this exploitation because there are so many troves of semipublic user data taken from Facebook and other companies out in the world

Users can check whether their phone…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing