ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Facebook Data Breach

facebook.com
Massive exposure
Verified breach
Accounts exposed 509,458,528
Breach date 01 Aug 2019
Added to tracker 04 Apr 2021
Data classes 8

What happened

In April 2021, a large data set of over 500 million Facebook users was made freely available for download. Encompassing approximately 20% of Facebook's subscribers, the data was allegedly obtained by exploiting a vulnerability Facebook advises they rectified in August 2019. The primary value of the data is the association of phone numbers to identities; whilst each record included phone, only 2.5 million contained an email address. Most records contained names and genders with many also including dates of birth, location, relationship status and employer.

Exposed data

Dates of birth Email addresses Employers Genders Geographic locations Names Phone numbers Relationship statuses

Recommended actions

  • Watch for targeted phishing emails referencing Facebook — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP