Over 500 million Facebook users had their personal information leaked on the dark web. Here’s how Evolve can help.
SAN RAFAEL, CA – First reported by Business Insider, personal information of more than 500 million Facebook users has been discovered in a forum on the dark web. The information, which spans users from at least 106 countries, includes phone numbers, Facebook log-in IDs, full names, locations, birthdays, and email addresses.
Alon Gal, the chief technology officer of cyber intelligence firm Hudson Rock, discovered the leaked data on Saturday. “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social-engineering attacks [or] hacking attempts,” Gal told Business Insider.
The bulk of the leaked data stems from a 2019 vulnerability which Facebook fixed immediately. This is significant, because it proves that once information is leaked, it can be nearly impossible to expunge from the web, even for a giant like Facebook.
Evolve’s Dark Web Scanner + Skurio & Cyber Risk Aware
The Dark Web Scanner
No matter how strong your company’s cyber defense, you are vulnerable to third party breaches. For example, if one of your employees has used their business email address when signing up for Facebook, it may have been leaked in this data set. Similar leaks have impacted LinkedIn, Canva, and countless other companies used extensively by American businesses.
Evolve offers a free tool called the Dark Web Scanner, which scrapes the dark web for any compromised credentials connected to your business. Furthermore, you will find out how and when that data was breached.
The Dark Web Scanner is available for use by all, but it should be noted that all active Evolve policyholders receive an entire suite of services designed to protect your business data leaks and the attacks which typically follow. For the purpose of this writing, let’s focus on Skurio and Cyber Risk Aware, as these are two of our top partners when it comes to data breaches specifically.
Skurio – Dark Web Monitoring
Skurio scans the dark web 24/7 for information tied to your organization. It is similar in practice to our Dark Web Scanner, but runs around the clock.
Knowing that your business has been compromised right away gives you a leg up on hackers, and allows you to notify your internal IT team and Evolve’s forensic team of a potential breach.
Cyber Risk Aware – Live Phishing Training
You may be wondering… if hackers only get your email address, name, and phone number, can they really execute successful cyber attacks? Unfortunately, the answer is yes.
The most common attack stemming from data leaks is email or phone-based social engineering. Armed with thousands (or in this case, millions) of real email addresses, hackers send out phishing emails in bulk, hoping that you or your employees click on the malicious links in their messages. Once clicked, these links can lead to malware being embedded in your network.
As usual, the best solution is prevention. Cyber Risk Aware sends fake phishing emails that look real. If an employee opens of the the emails, they will be directed to an online course on phishing awareness, and management will be notified of who clicked on the message.
Related: Dark Web Scanner FAQs