Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

380m scraped Facebook records allegedly for sale

A database allegedly containing 380 million records of Facebook users has been listed for sale by a threat actor.

user icon Daniel Croft
Thu, 28 Nov 2024
380m scraped Facebook records allegedly for sale
expand image

On 27 November, in a post to a popular hacking forum, a threat actor by the name of “BrokerAB” claimed to have freshly scraped 380 million Facebook user records.

According to the listing, data includes user IDs, names, email addresses, usernames, mobile phone numbers, locations, birth dates, and genders.

“Database Contains 100% Emails & Phone numbers with all details,” BrokerAB said.

============
============

The threat actor also provided a sample of the data belonging to users from Singapore, which included the field listed above.

While the data appears to be legitimate, another forum user questioned the validity of the incident being a Facebook scrape.

“Ok I have a hard time believing its real,” user chanvria said.

“As far as I know, your Singapore sample can be from a local third party app only used by people in Singapore [or something].”

BrokerAB has yet to acknowledge the question, which also requested data from Switzerland, Belgium or Luxembourg to prove legitimacy.

Earlier this month, another threat actor claimed to have 540 million records that it scraped from Instagram.

On the same popular dark web forum, threat actor “YoursData” initially claimed to have scraped 489 million lines of Instagram data from the last three months.

“Scrape through Instagram API Both Public & Hidden Details included,” the threat actor said.

The threat actor soon provided updates saying the number of lines of data was increasing, with the latest update saying that there are 540 million lines for sale.

YoursData said the scraped data includes usernames, full names, “scrape_target_username”, follower and following counts, account creation dates, biographies, external URLs, account category, location, “id”, and “scrape id”.

The threat actor also posted “100+” record samples. Based on Cyber Daily’s observations, each record contains multiple types of data for the same individual, which could mean that 540 million users are at risk, over a quarter of Instagram’s 2 billion monthly active users.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.