At the end of last week it was discovered that phone numbers relating to around 400 million Facebook accounts had supposedly been leaked online. For a firm already battling with countless security breaches over the past couple of years, this comes as no surprise, as well as being a huge embarassment for the social media giant.

According to a popular tech blog called TechCrunch, approximately 133 million accounts in the USA were affected, as well as around 50 million in Vietnam, and around 18 million here in Britain. The leaked data was being stored within an online server that could be openly accessed without the need for a password.

Though Facebook confirmed the report and didn’t try to deny that it had happened, the social media firm did downplay the scale of the problem, highlighting how the total number of affected users was likely to be ‘around half’ owing to the fact that many of the phone numbers were duplicate entries. Even so, this would still leave the number at around the 200 million mark.

‘The dataset has been taken down and we have seen no evidence that Facebook accounts were compromised (…)’

Facebook spokesperson
Data Harvested from 50 Million Facebook Profiles in Major Breach

The open online server was supposedly only available until around Wednesday of last week, at which point TechCrunch contacted the host of the website to request that it be taken offline. However, new information came to light on Friday that suggested the information was still available online according to several major media outlets.

It transpired that another server was accessible as late as Thursday evening, which contained exactly the same dataset as the originally-discovered server. It is understood that this was part of a now-removed feature that allowed users to search for each other by their phone number using the Facebook website or app. According to CNET, this second server was discovered by a man named Elliot Murray, the CEO of WebProtect, a cybersecurity company.

Following this latest lapse in Facebook’s security, Kate Bevan, Computing Editor for Which? released the following information:

‘Facebook has taken positive steps to tighten security since this breach but it will still worry users that millions of phone numbers could make it into the hands of criminals – leaving them open to being targeted by cold-calling, fraudsters and other scams (…)

If you’ve uploaded your phone number to Facebook at any point, it’s worth being extra-vigilant about calls claiming to be from tech support warning that your computer or router is compromised and other unexpected cold callers (…)

Facebook must also reassure users that their data is being properly protected following this confirmation.’

Kate Bevan, Computing Editor for Which?
facebook security breach

As a Which? Trusted Trader, WiseGuys cannot agree more with the information provided above. Though this leak doesn’t hand fraudsters access to your account, it does increase the likelihood that some victims of the breach could be targeted by an influx of spam calls, particularly as this dataset may have even made its way into the hands of telemarketers or cyber criminals. So, if you’re dealing with a call from an unknown number, always remember the following:

  • You should never hand over your personal details over the phone, unless you’re dealing with a company that you trust or have called directly yourself;
  • Criminals have ways of spoofing their phone number so that it appears to belong to a genuine entity like your bank. If in doubt, hang up from a telephone call and dial a number directly that you know to belong to the company you want to speak to;
  • Make sure you have a dial tone on the end of the line before making a call. Even if you hang up on a scammer, they can keep the line open by not hanging up on their side;
  • Scammers routinely use a tactic where they’ll advise there is a problem on your computer and may request remote access to your machines. Unless you’re dealing with a trusted support company like WiseGuys, don’t allow a third-party access to your devices or to install any software onto your computer.

If you need any advice on keeping your personal information and devices safe from threats like these, or want advice on how to handle cold calls that may have malicious intent, then get in touch with WiseGuys on 0808 123 2820 and we can walk you through the common red flags that you should watch out for on unsolicited calls such as these.