Hackers sell private information of 267 million Facebook users on the Dark Web for just $600

Researchers say 267 million Facebook accounts have been sold on an online black market for just $600.

According to a report from researchers at the security firm Cyble the millions of accounts sold on the Dark Web contain personal information including first and last name, email addresses, phone numbers, Facebook ID’s and more.

Researchers purchased and verified the data themselves and have created a database for users to check and see if their email was included in the breach which can be viewed at AmIBreached.com. 

While the hack didn’t include any hyper sensitive information like passwords, it did expose information that could be used to orchestrate phishing scams on people across the world.  

‘At this stage, we are not aware of how the data got leaked at the first instance, it might be due to a leakage in third-party API or scrapping,’ reads a blog post from the researchers.

Given the data contain sensitive details on the users, it might be used by cybercriminals for phishing and spamming.’

Phishing scams use information like email addresses and Facebook ID’s to craft scams that fake Facebook login pages. 

When a victim types their login info into the field, hackers are able to scrape their passwords and other sensitive information which could be used for other nefarious purposes outside of Facebook.

As a result of the breach of the breach researchers are recommending that users make sure their Facebook privacy and security settings are up to par.

‘Cyble recommends users to tighten their privacy settings on their Facebook profiles, and be cautious of unsolicited emails and text messages,’ they write.

Last year a similar trove of Facebook emails was found circulating on the Dark Web containing 267 million Facebook accounts from mostly US users.