In October 2019, dark web researcher Vinny Troia discovered a data “treasure trove” exposed and easily accessible on an unsecured server, comprising 4 terabytes of personal information, about 1.2 billion records in all. It consists of scraped information from social media sources like Facebook and LinkedIn.
The data included social media accounts plus 50 million phone numbers and 622 million emails. The expert who found the hoard is not sure who hosted the server or if anyone has accessed it; however, the find signals weaknesses with many social media accounts and the providers of content.
To look at the find in more detail, Robert Prigge, President of Jumio, tells Digital Journal why the size of this data issue matters: “If you find the term “mega-breach” concerning, it’s with good reason. The scale of this breach is massive, with 1.2 billion Facebook, LinkedIn and Twitter profiles exposed, as well as 662 unique email addresses and 50 million phone numbers.”
He also notes that the way the information was collected and stored was unusual: “It’s interesting that this breach leaked data that is for legitimate sale on the internet via data-selling companies. We can say with absolute certainty that this compromised data will also find a home on the dark web, where it will be bought and sold for profit and combined with other available information to create a “fullz”, giving fraudsters everything they need to commit automated account takeover fraud.”
Prigge notes that this type of data breach remains an ever-present concern: “We live in an era where information from disconnected data breaches, as well as legitimate data-selling companies, are often combined to create comprehensive identity profiles on the dark web, incorporating everything from personal identifiable information, to job history, to shopping preferences, to dating profiles, and more. The deep level of intel available is frightening, and it’s making it extremely easy for criminals to commit digital identity fraud via a number of different ways.”
He sees Facebook as particularly vulnerable: “This breach alone exposed Facebook profiles, as well as email addresses, and all fraudsters need to do is look for a consumer’s exposed passwords in a disconnected breach and they will have a good chance at gaining access to their Facebook account, and subsequent connected accounts, since 50 percent of Americans recycle passwords across multiple websites.”
This means, according to Prigge, people need to take a new approach to security: “This is why traditional authentication methods, like passwords and 2FA, or authentication methods that can easily be guessed, like KBA, need to be eliminated. It is critical that organizations adopt biometric-based authentication to ensure a user is who they say they are when operating online.”