The personal information of more than a half-billion Facebook users in 106 countries has been posted in a hacking forum, Business Insider reports. The data include full names, Facebook IDs, phone numbers, locations, birthdates, and bios. Some email addresses are posted, as well. The breach puts the users, 32 million of whom are in the US, at risk of becoming victims of crime. The hack was discovered Saturday by Alon Gal of Hudson Rock, a cybercrime intelligence firm, who announced it in a tweet. "A database of that size containing the private information such as phone numbers of a lot of Facebook's users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts," Gal said. Facebook did not immediately comment on the theft.
Business Insider looked over a sample and verified some of the information. The data is accessible on a low-level hacking forum, at no charge to anyone with basic hacking skills. Scammers can use such leaks to impersonate users or con them into providing more personal data. It's too late for Facebook to do much of anything about the leak, Gal said, but the company could alert users so they can be on the lookout for misuses of their data. Facebook has a responsibility to "treat the data with utmost respect," Gal said, adding, "Users having their personal information leaked is a huge breach of trust." At this point, per Axios, Facebook users should assume their data eventually will show up in public—not that the company should be off the hook for the leak. (Read more Facebook privacy stories.)