6 questions about the alleged "leak" of 1.5 billion Facebook profiles


A file containing personal information on 1.5 billion Facebook accounts is reportedly on sale online. If this colossal archive really exists, it would undeniably be the biggest set of Facebook data ever put into circulation to date.

While Facebook suffered an absolutely historic outage at the beginning of October 2021, another, potentially equally worrying piece of news is complicating life for the world's largest social network. A publication on the Privacy Affairs site reports that a database concerning 1.5 billion Facebook accounts is on sale on a hacker forum. But the story of this "hack" seems doubtful. Here is what emerges from this case.

It should be stressed that these two events are absolutely not linked to each other.

What are we talking about exactly?

Potentially "the biggest amount of Facebook data ever put into circulation to date", according to Privacy Affairs. The database in question reportedly contains names, emails, location information, telephone numbers and gender information for more than half of the Facebook accounts in the world. Suffice to say that the file would be huge. All this data is now said to be on sale.

It remains unclear how such precise information could have been extracted, and whether the records are complete for all of the affected accounts. It is possible that certain lines of the database are incomplete, containing only an email or a telephone number. It is also possible that part of the archive actually comes from other leaks that affected the social network. In any case, on this scale, this represents a considerable amount of data.

The seller behind the offer claims that all this information dates from this year. He also says he works for a company that specializes in data retrieval on Facebook. Traces of this company (which Numerama has decided not to name) can be found online, including a YouTube account whose videos detail methods for extracting data from Facebook.


But unlike a classic data leak, obtained by accessing an internal database, the method used here is different. In other words, the data was reportedly collected by "scraping" Facebook pages.

What is scraping?

"Scraping" refers to a computer process that collects data from a web page by means of a script, that is to say a program designed to perform a specific task. In this case, the program automates the collection of whatever information falls within its scope, according to the instructions contained in its lines of code.

Compared to fraudulent access that takes advantage of an employee's negligence (through a phishing operation, for example) or the exploitation of an unpatched flaw, scraping is an accessible technique. Indeed, it only takes what is visible on the net. Anyone with development skills can build their own scraping tool.

Although this kind of extraction is within the reach of many, its legality is very questionable and it can quickly flirt with the line. This method consists in recovering what is publicly accessible, according to the rules defined by the script. However, the fact that something is publicly accessible does not make it public information. It can be personal, even sensitive, data. And in that case, the law applies, even if people were somewhat negligent when they shared their information on this or that site.

Usually, sites' terms of use address scraping by prohibiting it, and sites sometimes take technical measures to limit the volume of requests sent. But new flaws are constantly being discovered.
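The volume limits mentioned above can be sketched as a check that counts how many distinct profiles each client requests within a time window. This is an added example, not code from Facebook or from the article; the log format, client names, `/profile/<id>` route and thresholds are all assumptions.

```python
from collections import defaultdict, deque

# Constructed access-log lines: "<epoch seconds> <client id> <requested path>".
# Log format, client names and the /profile/<id> route are assumptions.
SAMPLE_LOG = (
    # client-a: 8 distinct profiles in 8 seconds (enumeration-like pattern)
    [f"{1000 + i} client-a /profile/{100 + i}" for i in range(8)]
    # client-b: 8 distinct profiles spread over 280 seconds (ordinary browsing)
    + [f"{1000 + 40 * i} client-b /profile/{200 + i}" for i in range(8)]
    # client-c: the same profile reloaded 8 times (high volume, one target)
    + [f"{1000 + i} client-c /profile/300" for i in range(8)]
)

PREFIX = "/profile/"

def parse(line):
    """Return (timestamp, client, profile_id), or None for other/malformed lines."""
    parts = line.split()
    if len(parts) != 3 or not parts[0].isdigit() or not parts[2].startswith(PREFIX):
        return None
    return int(parts[0]), parts[1], parts[2][len(PREFIX):]

def flag_scrapers(lines, window_s=60, max_profiles=5):
    """Clients that viewed more than max_profiles distinct profiles
    within any span of window_s seconds."""
    recent = defaultdict(deque)  # client -> (timestamp, profile_id) inside the window
    flagged = set()
    events = sorted(e for e in map(parse, lines) if e is not None)
    for ts, client, profile in events:
        window = recent[client]
        window.append((ts, profile))
        # Drop events that have aged out of the sliding window.
        while window[0][0] <= ts - window_s:
            window.popleft()
        # Count distinct profiles, not raw requests, so reloads are not penalised.
        if len({p for _, p in window}) > max_profiles:
            flagged.add(client)
    return flagged

if __name__ == "__main__":
    print(sorted(flag_scrapers(SAMPLE_LOG)))
```

Counting distinct profiles rather than raw requests separates enumeration from a user refreshing one page; a collector that spreads requests across many clients or slows down stays under such a threshold, which is why limits of this kind reduce volume rather than prevent scraping.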

Is this linked to the Facebook outage?

It is a curious coincidence, one that might tempt people to connect the two events. But the circulation of this alleged archive containing personal data from 1.5 billion Facebook accounts has nothing to do with the exceptional outage that took down the net giant's entire network. What has emerged about this technical failure points to a configuration problem, which has nothing to do with scraping.

Is this leak credible?

Scraping or not, a leak of such magnitude necessarily raises the question of the credibility of the case, because we are talking about an archive that would contain one or more pieces of personal data on more than one person in seven living on Earth, although there are also a lot of fake accounts on Facebook. Recovering so many elements on so many profiles would be a tour de force, even with the support and resources of an unscrupulous company.

On the forum where the announcement was posted, many members are openly skeptical of the unusual claims made by the thread's author. Several very influential accounts doubt the actual size of the file, or even its existence. Another says they already tried to buy data from the seller (in another case) but never received anything. Furthermore, the possibility that this file is made up of several other Facebook databases found on the web cannot be excluded either.

It seems that the database was put up for sale on September 22. Such a file would therefore have been potentially circulating on the net for a dozen days without being noticed. This does not necessarily mean that the case is a hoax, but caution is still in order.

Have there been other similar cases?

Scraping did not wait for Facebook to exist. Consequently, this is (unfortunately) not the first time that a database resulting from an extraction operation has surfaced, whether against Facebook or any other site. But the net giant, by its size, necessarily attracts much more of this type of activity. That is the other side of the coin when you gather so many people in one place.

There is no shortage of examples. In September 2019, 419 million telephone numbers were obtained via this method. In June 2021, 500 million numbers ended up on the web, again gleaned from Facebook. More recently, the professional social network LinkedIn found itself twice in the same situation as Facebook: once in April and once in June.


The simplicity of scraping makes it a very popular "attack" method, much more accessible than operations that would require entering the internal network of a social network like Facebook. It is therefore common to see ads like this one spring up on shady sites, even if, once again, the size of the database we are talking about today is considerable.

What to do to protect yourself?

By definition, all the information you share in public on the web is likely to be recovered via scraping tools. To protect yourself, the best way is therefore to never share any information publicly on the web, or, in any case, as little as possible. It may also be wise to check that you leave almost nothing on your Facebook profile in public.

Since making all traces of yourself disappear from the net is a rather radical solution, not always easy to apply and in practice impossible to really implement, there are other ways to protect yourself from this kind of extraction. Check carefully, on all your social networks, that your phone number and other personal information are not publicly visible. And share this kind of information sparingly on any platform.

Once in the wild, this data is used to build very convincing phishing campaigns that can be difficult to thwart. The more data a malicious actor has on you, the easier it is to pretend to be your bank or your insurer, or simply to send you spam. So be careful when you receive a phone call or an email that seems a little suspicious.
