At least 235 million users of Facebook-owned Instagram, China-based TikTok and Google-owned YouTube have been hit by a massive data leak and their personal profiles were up for grabs on the Dark Web.
According to security researchers from pro-consumer website Comparitech, an unsecured database was behind this data breach.
"The data was spread across several datasets and the most significant being two coming in at just under 100 million each and containing profile records apparently scraped from Instagram," reports Forbes, quoting the security researchers.
The third-largest was a dataset of some 42 million TikTok users, followed by nearly 4 million YouTube user profiles.
One in five records contained either a telephone number or email address of the users, along with profile name, full real name, profile photo, account description and number of followers and likes, etc.
"The information would probably be most valuable to spammers and cybercriminals running phishing campaigns," said Paul Bischoff, Editor at Comparitech.
"Even though the data is publicly accessible, the fact that it was leaked in aggregate as a well-structured database makes it much more valuable than each profile would be in isolation," Bischoff said in the report on Thursday.
According to the researchers, the leaked data points to a company called Deep Social banned by both Facebook and Instagram in 2018 after scraping user profile data.
"Scraping people's information from Instagram is a clear violation of our policies. We revoked Deep Social's access to our platform in June 2018 and sent a legal notice prohibiting any further data collection," a Facebook spokesperson was quoted as saying.
According to Comparitech, data marketing company Social Data later shut the unsecured database after it was reported to them.
"Social Data has denied any connection between itself and Deep Social," according to the Comparitech report.
Earlier this month, a hacker group known as ShinyHunters flooded a hacker forum with 386 million user records stolen from 18 companies.
According to BleepingComputer, ShinyHunters began uploading the databases to a forum where anyone can download them free of charge. Of the databases released since July 21, nine of them were already disclosed in some manner in the past.
This news has been published via Syndicate feed. Only the headline is changed.
An Appeal...
Dear Reader,
As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.
Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.
We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.
Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.