ADVERTISEMENT
Manila Bulletin devider devider 533 million Facebook user details leaked online

533 million Facebook user details leaked online

Published Apr 5, 2021 01:48 pm

899,629 accounts are from the Philippines

In 2019, social media giant Facebook found and fixed a vulnerability that allowed hackers to download more than 533 million user account details. It was then offered for sale on the dark web. Just last week, the issue reemerges online when someone posted more than 533 million user accounts including the 899,629 users from the Philippines. This time it's publicly available for free. To download the database in text format, you need to give eight credits to get the link. When you post or share something on the hacker forum, you get credits that you could use to download files from the forum. You can also download the whole database by buying credits. For 8-Euro you could get 30 credits, enough to download the more than 533 million user details from 106 countries.

This was posted in a hacking forum last Saturday.

Facebook downplayed the incident saying that the database is dated 2019 and that the vulnerability was already fixed. Cybersecurity practitioners however said that names don't expire, birthdays don't change, phone numbers rarely change and marital status are permanent to many.

To check the authenticity of the file, I randomly searched for the names of my Facebook friends, and true enough I found many of them. I got the file from a security researcher who's closely monitoring this incident. I then sent a message to my affected FB friends informing them of the availability of their details online. I first selected those I have no SMS connection in the past years and to my surprise, all of them are still using the same phone numbers.

In the case of users with similar names, anyone could verify if the details belong to the person he is looking for by checking the Facebook ID, just append the number on the URL of Facebook and if it goes to that person's Facebook page, then you got the phone number and other details including names, locations, birthdays, some bios and some even with email addresses.

The file shows phone numbers, Facebook IDs, names, locations, birthdays, bios, and some even email addresses

Some well-known Pinoys that I know are also on the list and I messaged them one by one informing them of the availability of their information to the public. While many of them said that the information was already public even without the leak, some of them are still worried about the fact that their phone numbers and other detials are now publicly accessible.

A friend asked me what he could do about it. I said, nothing. The data is now out in the open and we could not do anything about it. Facebook however while downplaying this incident needs to inform affected users and warn them of possible fraud that could happen as a result of this leak. There are 879,699 users affected in the country, I hope at least one would complain about the negligence of FB to the National Privacy Commission.

The forum listed Philippines with 879,699 users with exposed account details, upon checking the correct number should be 899,629

By the way, when I checked, my name is on the list. It however contains a fake phone number, location, and birthday.

ADVERTISEMENT
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1561_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1562_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1563_widget.title }}

{{ item.title }}

{{ articles_filter_1564_widget.title }}

{{ item.title }}
.mb-article-details { position: relative; } .mb-article-details .article-body-preview, .mb-article-details .article-body-summary{ font-size: 17px; line-height: 30px; font-family: "Libre Caslon Text", serif; color: #000; } .mb-article-details .article-body-preview iframe , .mb-article-details .article-body-summary iframe{ width: 100%; margin: auto; } .read-more-background { background: linear-gradient(180deg, color(display-p3 1.000 1.000 1.000 / 0) 13.75%, color(display-p3 1.000 1.000 1.000 / 0.8) 30.79%, color(display-p3 1.000 1.000 1.000) 72.5%); position: absolute; height: 200px; width: 100%; bottom: 0; display: flex; justify-content: center; align-items: center; padding: 0; } .read-more-background a{ color: #000; } .read-more-btn { padding: 17px 45px; font-family: Inter; font-weight: 700; font-size: 18px; line-height: 16px; text-align: center; vertical-align: middle; border: 1px solid black; background-color: white; } .hidden { display: none; }
function initializeAllSwipers() { // Get all hidden inputs with cms_article_id document.querySelectorAll('[id^="cms_article_id_"]').forEach(function (input) { const cmsArticleId = input.value; const articleSelector = '#article-' + cmsArticleId + ' .body_images'; const swiperElement = document.querySelector(articleSelector); if (swiperElement && !swiperElement.classList.contains('swiper-initialized')) { new Swiper(articleSelector, { loop: true, pagination: false, navigation: { nextEl: '#article-' + cmsArticleId + ' .swiper-button-next', prevEl: '#article-' + cmsArticleId + ' .swiper-button-prev', }, }); } }); } setTimeout(initializeAllSwipers, 3000); const intersectionObserver = new IntersectionObserver( (entries) => { entries.forEach((entry) => { if (entry.isIntersecting) { const newUrl = entry.target.getAttribute("data-url"); if (newUrl) { history.pushState(null, null, newUrl); let article = entry.target; // Extract metadata const author = article.querySelector('.author-section').textContent.replace('By', '').trim(); const section = article.querySelector('.section-info ').textContent.replace(' ', ' '); const title = article.querySelector('.article-title h1').textContent; // Parse URL for Chartbeat path format const parsedUrl = new URL(newUrl, window.location.origin); const cleanUrl = parsedUrl.host + parsedUrl.pathname; // Update Chartbeat configuration if (typeof window._sf_async_config !== 'undefined') { window._sf_async_config.path = cleanUrl; window._sf_async_config.sections = section; window._sf_async_config.authors = author; } // Track virtual page view with Chartbeat if (typeof pSUPERFLY !== 'undefined' && typeof pSUPERFLY.virtualPage === 'function') { try { pSUPERFLY.virtualPage({ path: cleanUrl, title: title, sections: section, authors: author }); } catch (error) { console.error('ping error', error); } } // Optional: Update document title if (title && title !== document.title) { document.title = title; } } } }); }, { threshold: 0.1 } ); function showArticleBody(button) { const article = button.closest("article"); const summary = article.querySelector(".article-body-summary"); const body = article.querySelector(".article-body-preview"); const readMoreSection = article.querySelector(".read-more-background"); // Hide summary and read-more section summary.style.display = "none"; readMoreSection.style.display = "none"; // Show the full article body body.classList.remove("hidden"); } document.addEventListener("DOMContentLoaded", () => { let loadCount = 0; // Track how many times articles are loaded const offset = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]; // Offset values const currentUrl = window.location.pathname.substring(1); let isLoading = false; // Prevent multiple calls if (!currentUrl) { console.log("Current URL is invalid."); return; } const sentinel = document.getElementById("load-more-sentinel"); if (!sentinel) { console.log("Sentinel element not found."); return; } function isSentinelVisible() { const rect = sentinel.getBoundingClientRect(); return ( rect.top < window.innerHeight && rect.bottom >= 0 ); } function onScroll() { if (isLoading) return; if (isSentinelVisible()) { if (loadCount >= offset.length) { console.log("Maximum load attempts reached."); window.removeEventListener("scroll", onScroll); return; } isLoading = true; const currentOffset = offset[loadCount]; window.loadMoreItems().then(() => { let article = document.querySelector('#widget_1690 > div:nth-last-of-type(2) article'); intersectionObserver.observe(article) loadCount++; }).catch(error => { console.error("Error loading more items:", error); }).finally(() => { isLoading = false; }); } } window.addEventListener("scroll", onScroll); });
Join Our Newsletters

Sign up by email to receive news.

© 2025 Manila Bulletin The Nation's Leading Newspaper. All Rights Reserved.