As recently announced, a bug in Facebook’s contact import tool was exploited to send an Millions of user data come from all over the world. Around 533 million users are affected globally, around 6 million in Germany alone. For comparison: at the end of 2020, the social network had almost 2.8 billion active users worldwide, i.e. those who log in at least once a month. In Germany there are a total of almost 50 million users. A not inconsiderable proportion of Facebook users is therefore affected.

Also interesting: Godzilla vs. Kong starts successfully and thus makes for a cinema record

Masses of data collected

Attackers could gain access by exploiting a bug in the contact import tool collect the data by scraping. This worked via public information from users on the social network, so it does not constitute a hack, which Facebook also points out in a statement. The affected gap in the tool has been closed since September 2019, it also says.

Phishing attack data

The attackers therefore did not get payment data, health information or passwords. But very much in names with matching employers and places of residence. E-mail addresses and, in some cases, telephone numbers. Even if this data alone is not enough to cause serious damage, it is possible to contact the affected user and start the attempt, Access passwords or payment details via phishing.

Numerous phising SMS

Currently, depending on the provider in Germany, there are more and more phishing SMS messages that pretend to be information Online orders to contain. If you click on the link in such an SMS and enter personal data in the mask that opens, phishing attackers can access the same information.

Facebook does not inform

Back to the Facebook user data that has become public. As the company announced, one will Do not inform potentially affected users. The reason: firstly, you don’t know exactly who is affected and secondly, users can’t do anything about it anyway. Instead, Facebook gives the advice to take care of data protection independently and actively and not, for example, to share information publicly at will.

Data is offered online

The data sets with the information from the scraping via the contact import tool are meanwhile still offered online, broken down by country. The information of around 6 million affected German users are also thereThe data set is just over 600 MB in size. According to security researchers, this is valid data.

Swell: The Verge / Facebook-Newsroom / Caschy’s blog



      Image for PCGH advice recommendation for less than 3,000 euros

We have marked affiliate links with an asterisk. We receive a small commission for a purchase via our link and can thus partially finance the website, which can be used free of charge, with this income. There are no costs for the user.