According to the portal, 419 million numbers were found in a password-protected data bank and showed who each telephone record belonged to. Of the total exposed, 133 million numbers are from the United States, 50 million are registered in Vietnam and 18 million belong to the United Kingdom.
In a statement to the press, the Facebook spokesman said the information was already deleted. According to Positive Technologies, this violation is a reminder that even the largest companies may not be able to protect data. "Companies and consumers are very fast in creating and adopting new technologies and services, but they generally fail to protect themselves from the most basic attacks," he warns. Giovani Henrique, General Director of Positive Technologies for Latin America.
For the executive, the great risk of that attack is that many of the cell phone numbers involved remain in use by the holders of the affected accounts, and they do not know that they may be suffering from another fraud, such as user cloning in message systems . “Information is power for invaders. In many cases, data such as name, surname, telephone number, date of birth and document would be sufficient for the hacker to carry out a targeted attack, such as SMS interception via SS7, ”explains Henrique.
On the other hand, another threat of the attack is that many services, including banks, use phone numbers as a way to authenticate users. “If the number were stolen, hackers can violate that protection and potentially invade accounts. We saw this happen in the account of Twitter CEO Jack Dorsey, long ago ”, ends.