The personal details of more than 553 million Facebook users have been published on a website for hackers, according to multiple reports over the weekend.
The details appeared on Saturday, according to Business Insider, and are also available in 106 different country-based packages, included 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.
In a statement, Facebook said the data was from a breach of its servers that had occurred in 2019 and it had since plugged the security hole that allowed it to take place.
“This is old data that was previously reported on in 2019,” a Facebook spokesperson said. “We found and fixed this issue in August 2019.”
While the information appears to be old, the details in the shared database include phone numbers, Facebook IDs, names, locations, birthdates and email addresses, all of which could be used in social engineering attacks or hacking attempts.
In a tweet, cyber researcher Dave Walker said Facebook CEO Mark Zuckerberg was among the millions of users who had had their personal data posted on the forum.
The information was first discovered by Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who called the leak “a huge breach of trust” by Facebook that “should be handled accordingly,” but he added that there was little that the social network could do beyond warning people to stay on the lookout for phishing scams.
Concerned users are encouraged to check if their email address has been leaked in data breaches using the Have I Been Pwned website. Troy Hunt, the founder of the website, is also considering adding the leaked phone numbers to its search database.
This isn’t the first time that hackers have targeted Facebook for its vast trove of user date. In 2018, a security breach allowed hackers to steal data on 29 million users, including details on everything from username and relationship status, to religion, birthdate, and home town.