• Home
  • News
  • Coins2Day 500
  • Tech
  • Finance
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia
Tech

Data on Hundreds of Millions of U.S. Facebook Users Exposed

By
Alyza Sebenius
Alyza Sebenius and
Bloomberg
Bloomberg
Down Arrow Button Icon
By
Alyza Sebenius
Alyza Sebenius and
Bloomberg
Bloomberg
Down Arrow Button Icon
December 20, 2019, 7:57 PM ET

Information on 267 million Facebook users, including user names, phone numbers and Facebook IDs, was exposed online, according to a cybersecurity researcher.

The data, mostly from U.S. Facebook users, was posted on a searchable database by a group that appeared to be based in Vietnam, said Bob Diachenko, the cyber threat intelligence director at Security Discovery, a Ukrainian cybersecurity website that offers news and consulting services. The Vietnamese group appeared to be charging for access to the data, but a flaw in their code inadvertently left the database open to all, he said.

A spokeswoman from Facebook said that the company was looking into the issue. She said the information was likely obtained before Facebook made changes in recent years to better protect people’s information.

It wasn’t known if any of the user information was accessed or sold by the Vietnamese group. Diachenko partnered with Comparitech, a website that seeks to help consumers research and compare tech services, to uncover the exposed data.

Of the affected users, 99% were from the U.S. And most of the others came from Vietnam, Diachenko said. He said he surmised that the group that was selling access to the information was from Vietnam because of the use of Vietnamese language and because the data — its type and structure — resembles that of other data breaches conducted by Vietnamese hackers.

The exposed information — particularly if cross referenced with other databases — could be used for sophisticated spam or phishing attacks, he said. “This is pretty significant because you can start getting a full profile of a person,” Diachenko said of the data.

Diachenko said he contacted the internet service provider hosting the database, and it was removed on Thursday.

More must-read stories from Coins2Day:

—7 companies founded in the last 10 years that you now can’t live without
—The world’s fourth-largest economy is going cashless
—2020 Crystal Ball: Predictions for the economy, politics, technology, etc.
—Can tech save the air travel industry from its delay problem?
—How to make sure your in-flight Wi-Fi isn’t terrible
Catch up with Data Sheet, Coins2Day’s daily digest on the business of tech.

About the Authors
By Alyza Sebenius
See full bioRight Arrow Button Icon
By Bloomberg
See full bioRight Arrow Button Icon
Rankings
  • 100 Best Companies
  • Coins2Day 500
  • Global 500
  • Coins2Day 500 Europe
  • Most Powerful Women
  • Future 50
  • World’s Most Admired Companies
  • See All Rankings
Sections
  • Finance
  • Leadership
  • Success
  • Tech
  • Asia
  • Europe
  • Environment
  • Coins2Day Crypto
  • Health
  • Retail
  • Lifestyle
  • Politics
  • Newsletters
  • Magazine
  • Features
  • Commentary
  • Mpw
  • CEO Initiative
  • Conferences
  • Personal Finance
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Coins2Day Brand Studio
  • Coins2Day Analytics
  • Coins2Day Conferences
  • Business Development
About Us
  • About Us
  • Editorial Calendar
  • Press Center
  • Work At Coins2Day
  • Diversity And Inclusion
  • Terms And Conditions
  • Site Map

© 2025 Coins2Day Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Coins2Day Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.