Jump to content
Login new information ×
Giveaway Contest ×
Login new information
Giveaway Contest

267 Million Names And Phone Numbers Leaked Online — And They’re All From Facebook

steven36

By steven36
in Security & Privacy News

Recommended Posts

steven36

steven36

Posted
Posted

If you start receiving more telemarketing calls, you can blame Facebook.

 

130583658_157685922926341698.jpg

 

Recently, a security researcher named Bob Diachenko found a database of user account info including their name and phone numbers for 267 million Facebook users. It was available in an unprotected format and copied to other hacker forums.

 

Reports indicate that this presents a treasure trove of data for telemarketers and spam purveyors because the data looks legitimate and comes from the social network itself, not from an untrusted source. (In some cases, leaked data that is old and outdated doesn’t help would-be scammers because the names and numbers are incorrect.)

 

Having this data means scammers can start new phishing scams and correlate the data from the phone records to Facebook user profiles.

 

The analyst says the data was potentially compromised through an API that gives developers access to back-end data, such as friend lists, groups, and photos.

 

He says at one time it was likely a protected, private database even on hacker forums, but was set to public and was readily available to anyone for about two weeks.

 

Hackers routinely download user information like this or purchase it on the Dark Web, but the difference with this data is that it has some authenticity since it also contains Facebook user information. And, because it contains phone numbers, it means hackers might be able to set up more sophisticated attacks that could include both a phone scam and an email scam.

 

Facebook has come under fire in recent years because of what some perceive to be lax security protocols.

 

The most famous incident is related to Cambridge Analytica and how that company had harvested user data from Facebook by using an app that appeared to be an academic survey.

This latest breach is much larger in scope. The survey collected data from 87 million users but this latest leak, according to the researcher, totals 267 million accounts.

 

There’s no new information about how users can find out if their data was hacked and if the database is still being shared on hacker forums.

 

Source

Link to comment
Share on other sites
  • Replies 34
  • Views 1.5k
  • Created
  • Last Reply
steven36

steven36

Posted
  • Author
Posted
32 minutes ago, Israeli_Eagle said:

It might also help to use VPN...

You can't login  Facebook  using vpn  without them knowing your phone number or you your ip .

 

Last Facebook account i made they locked me out before i could even put a email in ,  they wanted a phone number to verify it was me . That what happens if you try sign up using a vpn .

 

Should You Even Use Facebook with a VPN?

Quote

 

There are varying opinions about this (obviously). My personal feeling is that it's probably a waste of time to use a VPN on Facebook unless you're unlocking it due to geo-restrictions.

The whole point of VPN is to remain anonymous, but real anonymity on Facebook can be difficult to achieve, with or without it. The reason I say this is because all Facebook accounts are tied to either an email address and/or a phone number. Facebook places great emphasis on being able to tie your account credentials to an actual human being.

 

Sometimes  they even want photo id even

https://www.facebook.com/help/community/question/?id=101616510396306

 

Only Privacy from Facebook is not use Facebook.   If you dont care you need use  the same public ip address every time log in  and if you change it you need proof of who you are. People who use Tor for Facebook  use bridges and they use it  to bypass   geo-restrictions  they have give them proof of who they are.
 

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
10 minutes ago, steven36 said:

You can't login  Facebook  using vpn  without them knowing your phone number or you your ip .

 

That is simply not true!! I never gave FB a phone number and only use VPN the last 10 years. So.....

But of course I never use FB on 'mobile toys' anyway. :coolwink:

 

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
25 minutes ago, Israeli_Eagle said:

 

That is simply not true!! I never gave FB a phone number and only use VPN the last 10 years. So.....

You must of signed up without vpn 10 years ago . I use to could sign into Facebook with my old account in 2012 that i made without a vpn  in 2012 with VPN they already knew my ip . But when i try to make a new account this year   with a vpn they locked me out and wanted a phone number . If you use a smart phone it dont matter  your account is already linked to your phone number. I'm talking about  on desktop trying sign up now only way you can do is with a real ip or they want  a  phone number on desktop . so i never use facebook any more since 2012 . Facebook at any given time can lock you  out and make you prove its you because of you changing ips . They people  who were locked out who dont have phones that never got back in.

 

Why am I being asked to add my mobile phone number to my account?

https://www.facebook.com/help/1137953062904148?helpref=uf_permalink

 

You keep asking for my mobile number. I do not have a mobile number!

https://www.facebook.com/help/community/question/?id=164599863951980

 

Even Microsoft  done this too me for changing ips locked me out of a account i made with a vpn and my Google Account  is region locked to a certain ip range on my vpn because i made it without a email or phone number when i try too go outside of that ip range they ask for a mobile number. (This is on desktop) on smartphone  it dont matter they already have your geo location and if you try to spoof  it they will lock you out.

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
8 minutes ago, steven36 said:

You must of signed up without vpn 10 years ago . I use to could sign into Facebook with my old account in 2012 that i made without a vpn  in 2012 with VPN they already knew my ip . But when i try make a new account  with vpn they locked me out and wanted a phone number . If you use a smart phone it dont matter  your account is already linked to your phone number. I'm talking about  on desktop trying sign up now only way you can do is with a real ip or want  they a  phone number on desktop . Facebook at any given time can lock you  out and make you prove its you because of you changing ips . They people  who were locked out who dont have phones that never got back in.

 

ROFL..... :lmao:
Nope, sorry. FB will NEVER get my original physical IP, zero chance!! I use it almost every hour and today they see me at Zurich/Switzerland. :coolwink:

 

Besides that... In the free world privacy is a right in law!! And connecting & linking auto a smartphone to FB is already illegal, because it's not part of the OS! Because of that was also never FB app installed on my phones.

 

And I told you already, I use FB only on a real PC with a line with full VPN (OS boots already into it). And also fact is that any real PC & internet never has any phone number at all.

 

So... I hope you not mind @steven36, but on which planet you live?? :rasta:

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
13 minutes ago, Israeli_Eagle said:

 

ROFL..... :lmao:
Nope, sorry. FB will NEVER get my original physical IP, zero chance!! I use it almost every hour and today they see me at Zurich/Switzerland. :coolwink:

 

Besides that... In the free world privacy is a right in law!! And connecting & linking auto a smartphone to FB is already illegal, because it's not part of the OS! Because of that was also never FB app installed on my phones.

 

And I told you already, I use FB only on a real PC with a line with full VPN (OS boots already into it). And also fact is that any real PC & internet never has any phone number at all.

 

So... I hope you not mind @steven36, but on which planet you live?? :rasta:

Its not just Facebook that does this it's all  of big tech  i use to have accounts i made years  ago before i cared about my privacy  . And even back then Google and Yahoo would lock me out once i started using a VPN and made me prove it was me but they didn't want phone numbers back then . So i stop using there services and went on the down low . New accounts i try to make with a  VPN they all want a phone number now . So Facebook must know who you  are already  or they would lock you out  for suspicious login behavior.

 

Quote

Additionally, Facebook stated that knowing the general location of the user helps it and other Internet firms protect accounts by identifying suspicious login behavior. For instance, someone in Asia accesses the account when the user is in the US. Facebook is not alone in this practice, as any team of developers that have the ability to track Internet users can also tell where people are accessing the app or site from.

https://www.nsaneforums.com/topic/360843-facebook-admits-tracking-user-location-bombarding-ads-even-location-services-is-off/

Facebook even admitted to the goverment  they do it.

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
10 minutes ago, steven36 said:

Its not just Facebook that does this it's all  of big tech  i use to have accounts i made years  ago before i cared about my privacy  . And even back then Google and Yahoo would lock me out once i started using a VPN and made me prove it was me but hey want phone numbers . So i stop using there services and went on the down low . New accounts i try with VPN if they want all phone number now . So Facebook must know who you  are allready  or they would lock for suspicious login behavior.

 

1. Google, Yahoo and such trash is also fully banned on my systems. :coolwink:

2. Nope, no problems at all and best friend with FB otherwise. Also admin & moderator from a few big groups. But might be possible that FB knows I'm Cyber Security & Privacy Specialist officially.

3. And again... A PC user cannot be forced to have a phone per default!!

 

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
13 minutes ago, Israeli_Eagle said:

 

1. Google, Yahoo and such trash is also fully banned on my systems. :coolwink:

2. Nope, no problems at all and best friend with FB otherwise. Also admin & moderator from a few big groups. But might be possible that FB knows I'm Cyber Security & Privacy Specialist officially.

Facebook  would never allow me  in a with a new account as long as my vpn  is on this is 2019 not a account i made 10 years ago  . They block me before i can add my email to verify the new account .

 

How To Remove a VPN Block on Your Facebook Account

 

The reason Facebook sometimes blocks accounts using VPN is because it also keep lists of IP address ranges that are for know for VPN usage. Facebook checks your IP address every time you log in. It's one of the ways they confirm that you really are who you say you are. Another reason Facebook is so stringent about security is because a percentage of their accounts are always under attack by hackers. When you sign into your account using VPN, your IP address suddenly may not fall into the range Facebook has associated with your location. Facebook often treats this scenario as though someone's trying to hack your account. Some solutions for getting the block on your account lifted include:

 

1. Log in without VPN – I was on Facbook with VPN the other day, and they placed a temporary ban on my account. I solved it by turning the VPN off and logging in normally.

 

2. Enable 2 Step Verification – 2 Step Verification means using your phone as part of the log in process. After inputting your email address and password, Facebook texts a code to your phone that you also have to input. This should work even if you're on VPN; the code proves it's really you no matter what your IP address is.

 

https://securevpn.com/learn_more/How_To_Remove_a_Facebook_Account_Block_Caused_By_Using_VPN

 

So i just give up. i just wanted to talk to one person and they have my email and  can talk  to me there so no need for Facebook in 2019 . I'm not giving them my phone number,

 

They have apps on smartphone that let you get around the code my friend  said they used it to join telegram  i try some free websites before but them never worked on desktop to get around the code.

Link to comment
Share on other sites
Matrix

Matrix

Posted
Posted
1 minute ago, steven36 said:

I'm not giving them my phone number,

 

Ponder this what if its not your phone number but your device that identifies you e.g IMEI number...

 

In my country you must produce your ID when purchasing a mobile phone its a simple matter of connecting the dots that's concerning.

 

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
2 minutes ago, steven36 said:

Facebook  would never allow me  in a with a new account as long as my vpn  is on this is 2019 not a account i made 10 years ago  . They block me before add my email to vefiy the new account .

 

How To Remove a VPN Block on Your Facebook Account

 

The reason Facebook sometimes blocks accounts using VPN is because it also keep lists of IP address ranges that are for know for VPN usage. Facebook checks your IP address every time you log in. It's one of the ways they confirm that you really are who you say you are. Another reason Facebook is so stringent about security is because a percentage of their accounts are always under attack by hackers. When you sign into your account using VPN, your IP address suddenly may not fall into the range Facebook has associated with your location. Facebook often treats this scenario as though someone's trying to hack your account. Some solutions for getting the block on your account lifted include:

 

1. Log in without VPN – I was on Facbook with VPN the other day, and they placed a temporary ban on my account. I solved it by turning the VPN off and logging in normally.

 

2. Enable 2 Step Verification – 2 Step Verification means using your phone as part of the log in process. After inputting your email address and password, Facebook texts a code to your phone that you also have to input. This should work even if you're on VPN; the code proves it's really you no matter what your IP address is.

 

https://securevpn.com/learn_more/How_To_Remove_a_Facebook_Account_Block_Caused_By_Using_VPN

 

So i just give up. i just wanted to talk to one person and they have my email and  can talk  to me there so no need Facebook in 2019 . I'm not giving them my phone number,

 

 

As sad as it is, but that's the different of the true free & modern world vs Trumpland, Russia, North Korea etc...
I said already that the right of privacy is law! So......... FB probably does not want tickets for billions. ;)

 

But also again... Better NEVER use FB on phones!!

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
4 minutes ago, Mach1 said:

 

Ponder this what if its not your phone number but your device that identifies you e.g IMEI number...

 

In my country you must produce your ID when purchasing a mobile phone its a simple matter of connecting the dots that's concerning.

 

I dont have a smartphone  i was trying to join on  desktop  they kick me out and want my phone number before i can verify my email because i want turn my vpn off .

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
7 minutes ago, Mach1 said:

 

Ponder this what if its not your phone number but your device that identifies you e.g IMEI number...

 

 

Yes, of course the trashy FB app can also transfer your IMEI. Plus filters extreme, logs and also bombs ads.

 

Link to comment
Share on other sites
Matrix

Matrix

Posted
Posted
2 minutes ago, steven36 said:

I dont have a smartphone  i was trying to join on  desktop  they kick me out before i can verify my email because i want turn my vpn off .

 

Its the same deal with a PC your IP is not needed to identify you its your device that can gives the game away.

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
10 minutes ago, Israeli_Eagle said:

 

As sad as it is, but that's the different of the true free & modern world vs Trumpland, Russia, North Korea etc...
I said already that the right of privacy is law! So......... FB probably does not want tickets for billions. ;)

 

But also again... Better NEVER use FB on phones!!

Not if using a VPN  with some ip not in the USA making a account  were you from they can't tell were you are but they keep a  list of vpn ranges and know if you try to sign up with a vpn and want a phone number . How ever you got your Facebook 10 years ago has nothing to do with 2019 almost 2020.

 

4 minutes ago, Mach1 said:

 

Its the same deal with a PC your IP is not needed to identify you its your device that can gives the game away.

But i use lots of stuff in my browser that hide my system id  lol.

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
8 minutes ago, Mach1 said:

 

Its the same deal with a PC your IP is not needed to identify you its your device that can gives the game away.

 

Wrong, sorry. Because a real PC has no serial number or such at all. Because the device is already unique and built of the user them self. :coolwink:

 

6 minutes ago, steven36 said:

Not if using a VPN  with some ip not in the USA making a account  were you from they can't tell were you are but they keep a  list of vpn ranges and know if you try to sign up with a vpn and want a phone number . How ever you got your Facebook 10 years ago has nothing to do with 2019 almost 2020.

 

LOL... Well...... Sometimes I also create somehow fake accounts for testing, without any phone number and also full VPN. I never had a problem at all. So............ Are you sure that you use a good & full VPN??

 

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
6 minutes ago, Israeli_Eagle said:

 

Wrong, sorry. Because a real PC has no serial number or such at all. Because the device is already unique and built of the user them self. :coolwink:

They fingerprinting you on PC they have been for years and if you use anti-fingerprint stuff like i do they will lock you out.

 

Using fingerprint technology, FB recognizes not only the “stuffing” of your computer, but also indirectly learns information about installed libraries, software, drivers, etc. Each electronic device that got in facebook’s line of sight is assigned a unique digital label in the form of a hash sum. Add this to the data collected from double entry technology, data collected with cookies, and data that FB buys from third-party services. Daily FB receives roughly 1000 terabytes of information about its users, which social network engineers systematize, structure and analyze with the help of machine learning.

 

Not long ago we diligently tried to hide from the Network. Webrtc and flash partially blocked outgoing traffic, blocked cookies, cleaned cache and at the same time made us feel smart. Today, new registration with such parameters will directly go to the Selfie page faster than you can pronounce the name of FB owner. Previously, we were satisfied when the bunny whoer showed an honest 100% of anonymity. Now times have changed, and FB freaks out just like Google in 2015.

 

Today we have to be even smarter. Blocking cookies is just as good as confessing to the network – hey, look, I’m an arbitrator, I’m here. The truth is that 95% of network users do not know what cookies are and what they do. At the same time everyone who is trying to hide looks suspicious. And for FB suspicious – means guilty. This leads to either your account being “flagged” or to the good old Selfie check. You have to work really hard to convince FB that you are an average user. Bans in FB always were and remain a scoring system, but still nobody knows the variables in the trust rate calculation formula.


Back to the point: How much does Facebook know about the webmaster? A LOT! In reality it is much more than we think.

 

https://blog.adcombo.com/fb-uses-fingerprint-detect/

 

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
1 minute ago, steven36 said:

They fingerprinting you on PC they have been for years and if you use anti-fingerprint stuff like i do they will lock you out.

 

 

A strong & full PC not has any fingerprint sensor... Why should it??

And I use simply very strong Bitlocker (non-standard) and TPM. :coolwink:

 

But of course mobile toys can be logged, has model & serial number etc...

Link to comment
Share on other sites
Matrix

Matrix

Posted
Posted
3 minutes ago, Israeli_Eagle said:

Because a real PC has no serial number or such at all

 

Sorry Mac Address on your PC can be used to identify you unless you change it regularly. 

Not trying to be an alarmist but there is more then just your IP that is used by FB and other forums etc 

Just food for thought complacency as mentioned above can be used against you. 

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
1 minute ago, Mach1 said:

 

Sorry Mac Address on your PC can be used to identify you unless you change it regularly. 

Not trying to be an alarmist but there is more then just your IP that is used by FB and other forums etc 

Just food for thought complacency as mentioned above can be used against you. 

 

There is no usable MAC address via VPN!! They get then only server MAC maybe and can be changed any time.

Link to comment
Share on other sites
Matrix

Matrix

Posted
Posted
6 minutes ago, Israeli_Eagle said:

They get then only

 

As I said complacency is the enemy if you think you know what information is collected you should think again because the real fact is none of us know all of what is being collected and by who if you feel safe cool I do also but there is always things we don't know that happens behind closed doors if you want privacy don't use your phone and don't use the internet. 

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
2 minutes ago, Mach1 said:

 

As I said complacency is the enemy if you think you know what information is collected you should think again because the real fact is none of us know all of what is being collected and by who if you feel safe cool I do also but there is always things we don't know that happens behind closed doors if you want privacy don't use your phone and don't use the internet. 

 

Of course, you're right. Life is risky!

BUT... It can be limited enough that FB for example can never get the exact location or any private data. Tho also not comes from heaven and needs some basic knowledge, but sadly 99% are far of that and live very risky.

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted
8 minutes ago, Israeli_Eagle said:

 

There is no usable MAC address via VPN!! They get then only server MAC maybe and can be changed any time.

VPNs  all they do is some clients come with certain features that block leaks if they dont  work  and are leaking then you must block them  yourself . VPN leaks are worse than MAC Address leaks because they revile your ip . And you never know when they be some new 0day out there not disclosed . Many happen like Heartbleed in open SSL.

 

Quote

The Heartbleed attack works by tricking servers into leaking information stored in their memory.

 

Still today in 2019 they many idots that use old  servers and never patched them.

Link to comment
Share on other sites
Israeli_Eagle

Israeli_Eagle

Posted
Posted
3 minutes ago, steven36 said:

VPNs  all they do is some clients come with certain features that block leaks if they dont  work  and are leaking then you must block them  yourself . VPN leaks are worse than MAC Address leaks because they revile your ip . And you never know when they be some new 0day out there not disclosed . Many happen like Heartbleed in open SSL.

 

Because of that I said already... You should use a good VPN provider & system!!

For example there is no client app needed at all. :coolwink:

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...