4 million Israelis caught up in Facebook users' data breach

Leaked information includes full names, Facebook IDs, phone numbers, email addresses; breach first detected by Israeli cybercrime specialist Alon Gal of cybercrime intelligence firm Hudson Rock, who first posted about it in January

Hagar Bohbot|
Related Topics
The phone numbers and personal data of four million Israelis were posted in a low-level hacking forum on Saturday, according to a report on the Business Insider website. 
Follow Ynetnews on Facebook and Twitter 
The Israelis were among 533 million users of the social media giant from 106 countries who had their personal information released.   
2 View gallery 
The Facebook logo 
(Photo: Reuters )
A Facebook spokesperson told Business Insider that the data had been scraped due to a vulnerability that the company patched in 2019.
The leaked information included the full name, Facebook identification, telephone numbers, email addresses, birthdates and in some cases location data of the users, the report said. 
The breach was first detected by Israeli cyber specialist Alon Gal, the CTO of cybercrime intelligence firm Hudson Rock, who posted about it in January of this year. 
2 View gallery 
Hudson Rock CTO Alon Gal 
(Photo: Courtesy of Hudson Rock)
Gal said Saturday on Twitter that the leaked information could be used for nefarious ends and slammed Facebook for its lack of culpability.    
"I have yet to see Facebook acknowledging this absolute negligence of your data," Gal wrote. He warned that "bad actors" could use the information for "social engineering, scamming, hacking and marketing."
All 533,000,000 Facebook records were just leaked for free.

This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked.

I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8
— Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021 
In the run-up to the 2016 U.S. presidential elections, Facebook came under fire after the Cambridge Analytica data research company used by the Trump campaign harvested the information of some 80 million users - in violation of the social media site's terms of service - to target potential American voters with political ads. 
According to Gal, there is little Facebook can do to help its users who have been compromised and said the company should have at least gone public with the breach so that people could be more vigilant against potential phishing schemes or fraud.
"Individuals signing up to a reputable company like Facebook are trusting them with their data and Facebook [is] supposed to treat the data with utmost respect," Gal said. "Users having their personal information leaked is a huge breach of trust and should be handled accordingly."
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.

It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021 
Cyber security experts have warned Facebook users to be aware that their telephone numbers and email addresses may have been posted online and urged them to activate two-stage verification for any online activity where possible. 
The experts said users may be able to identify bots through incorrect grammar and poor wording.
Those who may have been compromised should avoid clicking on unknown links and be aware that offers of cash or gifts online are most likely a scam.