Facebook Marketplace users face grave danger as personal data, including names, phone numbers, emails, and Facebook IDs, has been stolen and disclosed on a dark web forum. The breach, affecting hundreds of thousands, heightens the risk of phishing and identity theft.
Reportedly, a data leaker using the alias IntelBroker unveiled 200,000 Facebook Marketplace records on an underground forum. This information, obtained from a breach by another individual known as “algoatson” on Discord, includes sensitive personal details and Facebook profile data.
The breach occurred through a Meta contractor managing cloud services for Facebook, compromised by “algoatson” in October 2023. IntelBroker disclosed this in a forum thread, indicating the partial nature of the stolen database.
Validating the seriousness of the breach, BleepingComputer verified the authenticity of some data by cross-referencing email addresses and phone numbers. This underscores the severity of the situation, with users vulnerable to various cybercrimes.
Data Exploitation by Cybercriminals
Hackers can exploit your data in various harmful ways. IntelBroker, a notorious leaker, has a history of exposing sensitive information from major corporations, including DC Health Link, Hewlett Packard Enterprise (HPE), General Electric Aviation, and Weee!.
This data is a goldmine for cybercriminals worldwide. Armed with personal details, they can execute convincing phishing scams, infiltrate devices, and potentially steal funds and cryptocurrencies. They may also target businesses with malware, ransomware, and destructive Business Email Compromise (BEC) attacks.
Companies hit by data breaches often provide free identity theft protection services to those affected.
Meta has not yet issued a formal statement regarding the breach.