Massive Facebook Data Breach: 533 Million Users’ Phone Numbers and Personal Information Leaked Online

Massive Facebook Data Breach: 533 Million Users' Phone Numbers and Personal Information Leaked Online

A user in a low-level hacking forum has published the phone numbers and personal data of hundreds of millions of Facebook users free online. According to a report on, this exposed data includes the personal information of more than 533 million Facebook users from 106 countries, including 32 million records on users in the United States, 11 million in the United Kingdom and 6 million in India. The leaked information includes users’ phone numbers, Facebook IDs, full names, locations, birthdates, bios, and in some cases, email addresses.

Vulnerability in the System

A Facebook spokesperson told Insider that the data was scraped because of a vulnerability that the company patched in 2019. While a couple of years old, the leaked data could still provide valuable information to cybercriminals who use people’s personal data to impersonate them or scam them into handing in login credentials. A database of this size containing the private information of so many users would certainly lead to bad people taking advantage of the data to perform social engineering attacks or hacking attempts, experts say.

This is not the first time that a large number of Facebook users’ phone numbers have been exposed online. The vulnerability that was uncovered in 2019 allowed millions of phone numbers to be stolen from Facebook’s servers in violation of the company’s terms of service. Facebook said that the vulnerability was patched in August 2019. Facebook users’ information was also scraped by Cambridge Analytica, which used the information in violation of Facebook’s terms of service to target voters with political ads in the 2016 election.

What Actions Can You Take?

If you find out that your personal data was stolen in a breach, it’s important that you protect your identity. How you respond depends on the type of data that was stolen. For example, if your social security number or driver’s license number was stolen, you will need to file a report with the appropriate government agency.

If your email address was exposed, you should change your password to that email account and set up multi-factor authentication to secure your email. If you find that your password itself was exposed, you need to change your passwords on all affected accounts right away. It is also a good idea to stay alert for any suspicious activity on any of your accounts.

Corporations Have a Responsibility

Corporations like Facebook have a responsibility to protect their users’ personal information. Those who sign up with a reputed company like Facebook are trusting them with their personal information and Facebook has a responsibility to treat that data with the utmost care and respect. When such important data is stolen or leaked, that amounts to a huge breach of trust.

If you have been affected by this Facebook data breach or by any data breach, you may be able to join a class-action lawsuit to hold these corporations accountable. An experienced California class action lawyer will be able to advise you regarding your legal rights and options.


FREE Case Evalution

Our staff will evaluate your case submission and respond in a timely manner.

California Personal Injury Blog