According to Business Insider, the leak contains sensitive details on 533 million Facebook users, including phone numbers, Facebook IDs, full names, places, birth dates, bios, and, in some cases, email addresses.

In an email statement, a Facebook spokesperson said, “This is old data that was previously reported on in 2019.” “In August of this year, we discovered and resolved this issue.” According to Alon Gal, A few days ago a user created a Telegram bot allowing users to query the database for a low fee.

This obviously has a huge impact on privacy. pic.twitter.com/lM1omndDET — Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021 The company fixed a flaw in its systems that caused the information to leak out at the time. Once such knowledge leaves Facebook’s network, however, the company has no ability to prevent it from spreading online. On Saturday, Alon Gal, the chief technology officer of cybercrime intelligence firm Hudson Rock, rediscovered the data.

This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked. I have yet to see Facebook acknowledging this absolute negligence of your data. https://t.co/ysGCPZm5U3 pic.twitter.com/nM0Fu4GDY8 — Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021 Databases aren’t usually circulated widely right away, particularly if they’re big or uncommon, since “the people who possess them will attempt to monetize them for as long as they can,” Gal said in a Twitter message. “The phase can take years or days, but if private databases are sold around, they will inevitably leak.” Facebook’s business model of collecting a vast amount of personal data and using it to sell targeted advertising is under pressure due to data leaks. According to Business Insider, the information is available for free on a hacking website, rendering it easily open to everyone with rudimentary data skills. Several records were checked by comparing known Facebook users’ phone numbers to the IDs specified, and others were confirmed by checking email addresses from the data set in Facebook’s password reset function, which can be used to expose a user’s phone number in part.