Skip to Main Content

Facebook accidentally leaks phone numbers of 419 million users.

The phone numbers of hundreds of millions of facebook users have been discovered online. 

Facebook Article.jpg

A security researcher found 419 million records on an unsecured server, meaning no password was needed to access them.

A total of 18 million were from users in the UK, while around 133 million were from American accounts. 

The records contained not only the users’ phone numbers but also their Facebook identification, which can be used to discern a person’s Facebook username.

Some records included the person's gender and location details. 

One way the phone numbers could be exploited is through so-called SIM-swap attacks, whereby hackers intercept passcodes sent to the numbers for two-factor authentication logins.

This would allow them to break into the personal accounts of Facebook users and view private messages or hijack the user’s posts. They could also intercept one time passcodes to break into any number of personal accounts.

Facebook users whose numbers were exposed will also be vulnerable to spam calls, while one security researcher warned that hackers could actually use the data to hijack someone’s phone.

Facebook said the phone numbers have now been taken down and claims there is no evidence that any accounts were compromised with SIM-swapping attacks.​​​​​​​