New Delhi, Jan 26: Beware if you are a Facebook user and have added your phone number on the social media platform as there are chances that your data, including your phone number and country name may be up for sale!
In a recent security breach, mobile phone numbers of over 500 million Facebook users are up for sale through a Telegram bot.
The case of data exploitation came under the scanner, when a security researcher named Alon Gal shared the issue on his Twitter account. He even shared photos reporting the number of users whose data has been compromised across the different nations.
According to security researcher Alon Gal (via Motherboard) the data includes phone numbers of over 60 lakh Indian users. The problem was first highlighted by Gal on microblogging site Twitter.
Gal said that the person who runs the bot claimed that the information of 533 million Facebook users came from a vulnerability that the social media giant patched in 2019.
But the vulnerability allowed almost everyone to have access to the phone numbers linked to Facebook accounts across the world. This was exploited to create a database of the social media user accounts and their numbers and is now being sold via the bot.
Anyone with a person’s phone number can find the Facebook user ID using the Telegram bot and vice versa. However, those who want to access the information will have to pay for it and this will cost them one credit. The person behind this bot is selling a phone number or Facebook user ID for USD 20. There is also bulk pricing for the data. The bot has fixed a charge of USD 5000 for 10,000 credits.
The Telegram bot is said to be running since at least January 12, 2021 but the data provided is from 2019. However, the data can be accurate considering that very few people change their phone numbers that often. According to the security researcher, users’ data from over 100 countries are up for sale through the bot.
Gal said that despite being a serious privacy concern, the issue was under-reported when it was first highlighted.
According to Motherboard’s report, if someone has a user’s phone number, then they can find their Facebook ID with the help of Telegram bot. However, the information is not free and for accessing the sensitive information, they will be required to pay a certain amount. The person who created the Telegram bot is selling a phone number or Facebook ID for $20. The bot is also selling Facebook users’ data in bulk. For 10,000 credits, the bot is charging $5,000, the report added.
Alan further expressed his concern over the security issue and said it is important that Facebook notify its users of this breach so they are less likely to fall victim to different hacking and social engineering attempts.
