CIRCL has issued Technical Report TR-62, explaining the risks and providing useful recommendations to Facebook users.
On Saturday 3rd 2021, a leak of Facebook records (533 million users) became publicly accessible on a leak-market forum. The leak contains information such as mobile phone numbers, Facebook ID, first names, last names, location and additional information such as date of birth or workplace. There are 188201 entries for Luxembourg. Facebook mentioned that the vulnerability used to extract the information was reported and fixed in 2019.
Such leaks can be useful to many criminals or threat actors in order to conduct various attacks or fraud, such as phishing, vishing or social-engineering. Vishing is a technique using voice or SMS services to conduct phishing attacks. Phones are also used in various services for password recovery and this could be used to gather additional information from the existing data leak.
- Be careful with any suspicious SMS messages or voice calls. Don’t take any action in such a call, such as revealing personal information or responding to manual authentication requests
- Don’t link a professional mobile phone with personal accounts
- If you are not expecting any specific calls, discarding the call is usually the best option
- If your phone was associated with an anonymous account, change your phone number
- If you want to set up two-factor authentication, the recommended order is hard token first, then soft token, with phone number as a last resort
Read the full Technical Report TR-62 issued by CIRCL here.