The phone numbers associated with over 400 million Facebook accounts were exposed online in the latest privacy dilemma for the social media giant. 

TechCrunch reported on Wednesday that an exposed server storing 419 million records was found online - 133 million belonging to U.S. users, 50 million Vietnamese users, and 18 million U.K. users. This server was not protected with a password, meaning anyone could access the database up until late yesterday evening once the host took down the site.

Each record contained a user's unique Facebook ID and phone number associated with the account. The users Facebook ID is a long, unique public number associated with the account. But users phone numbers have not been public since access to users' phone numbers was restricted in 2018 following the Cambridge Analytica scandal

Facebook has confirmed that there is some truth to these allegations but has noted that the number of accounts so far confirmed is less than half of the reported 419 million and that the majority of the data was old and contained duplicates. 

Facebook's latest data breach is a textbook example of the issue with storing data online, publicly without password protection. While data exposure is often linked to human error rather than malicious in nature, data exposures such as this put millions of users at risk for spam calls and SIM-swapping. SIM swapping involves tricking cell phone carriers into giving a person's phone number to an attacker which enables the attacker to force-reset passwords on any internet accounts linked to that phone number. 

This technique was recently carried out by the hacker group Chuckling Squad to hijack Twitter CEO Jack Dorsey's account and tweet offensive messages and declare a bomb threat. The tweets have since been removed and Twitter has temporarily disabled the feature that allows users to post tweets via SMS. 


The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2023, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.