A significant breach on Facebook Marketplace has exposed hundreds of thousands of users to potential cyber threats. The breach, reported by BleepingComputer, revealed that a data leaker known as IntelBroker posted 200,000 Facebook Marketplace records on an underground forum.
This stolen data included individuals’ names, phone numbers, email addresses, Facebook IDs, and profile information. The hacker claimed that the data was a partial database stolen by another threat actor with the alias “algoatson,” who allegedly breached the systems of a Meta contractor in late 2023.
The severity of the breach was underscored by the fact that a random sampling of the data successfully matched email addresses and phone numbers, indicating that at least some of the information was valid. IntelBroker, a notorious leaker with a history of exposing sensitive data from major companies, has previously targeted organizations such as DC Health Link, Hewlett Packard Enterprise (HPE), General Electric Aviation, and Weee!.
The implications of such a breach are significant, as cybercriminals can use this information to orchestrate convincing phishing attacks, infiltrate devices, and potentially steal money and cryptocurrencies. Additionally, businesses are at risk of being targeted with malware, ransomware, and Business Email Compromise (BEC) attacks. In response to data leaks, companies often offer affected individuals identity theft protection services for free.
As of now, Meta has not issued a formal comment on the incident, leaving affected users vulnerable to potential cyber threats. This breach serves as a reminder of the importance of safeguarding personal data and the ongoing battle against cybercrime.
