A database containing records of 267 million Facebook users was exposed on the web for a fortnight. The leaked database contained Facebook user IDs, phone numbers and names. Researchers claim that a cloud misconfiguration was the cause.
According to claims by consultant Bob Diachenko and researchers from a pro-consumer website, the data was gathered by cyber criminals running an illegal scraping operation. Scraping, or web scraping, is a form of copying in which specific data is gathered from the web and duplicated. This data is later saved into a local database.
According to Paul Bischoff, a tech writer, privacy advocate and VPN expert, “One possibility is that the data was stolen from Facebook’s developer API before the company restricted access to phone numbers in 2018. Facebook’s API is used by app developers to add social context to their applications by accessing users’ profiles, friends list, groups, photos, and event data. Phone numbers were available to third-party developers prior to 2018.”
“Diachenko says Facebook’s API could also have a security hole that would allow criminals to access user IDs and phone numbers even after access was restricted. Another possibility is that the data was stolen without using the Facebook API at all, and instead scraped from publicly visible profile pages,” he concluded.
The researchers also noted that the confidential information obtained through the leak can be used in operations such as spamming, phishing and smishing. Users can be tricked and later hacked through these operations.
The data was first recorded on 4th December and was uploaded to a hacker forum 8 days later. It was discovered 10 days later by Diachenko and reported to the ISP (Internet Service Provider) that manages the IP address. Despite this, it was not taken off the internet until 19th December, i.e. 5 days after the notification.
The original leak occurred due to a misconfigured Elasticsearch cluster. In layperson terms, Elasticsearch is an online data distribution system which makes the distribution and segregation of data efficient.
This is not the first time that confidential data has been leaked from unsafe cloud databases. In November, data of over one billion users, collected by data enrichment companies, was leaked. In addition, during December more than one billion password combinations, which were either stolen or bought by hackers, were found on an unsecured Elasticsearch database.