Exposed Database Stored Information on 267 Million Facebook Users

An unprotected Elasticsearch database that was accessible from the Internet was recently found to store information on over 267 million Facebook users, Comparitech reveals.


Discovered in collaboration with security researcher Bob Diachenko, the database contained user IDs, phone numbers, and names, all of which could be accessed by anyone, without a password or any other form of authentication.


The data, Comparitech says, could have been exploited to conduct large-scale SMS spam and phishing campaigns, as well as for various other nefarious operations.


The Internet service provider (ISP) that manages the IP address of the server where the database was stored was notified and access to the information has been removed.


However, the database was exposed for around two weeks before that, and the information has already been made available for download via a hacker forum.


The database was first indexed on December 4 and emerged on the hacker forum on December 12. Diachenko discovered the database on December 14 and alerted the ISP immediately. As of December 19, the database is no longer available.


The data was likely harvested as part of an illegal scraping operation, but it may also have been gathered by abusing the Facebook API. Evidence suggests that cybercriminals in Vietnam were responsible for the operation.


“Typically, when we find exposed personal data like this, we take steps to notify the owner of the database. But because we believe this data belongs to a criminal organization, Diachenko went straight to the ISP,” Comparitech explains.


The database contained a total of 267,140,436 records, most of the information pertaining to users in the United States. The entries, which appear to be valid, include a uniq ..
