It no secret that Facebook recently experienced a major breach in security, leading to the compromise of over 30 million user accounts. Folks who were affected by the massive snafu not only had to clean the cobwebs out of their Facebook account, they also had to cope with unauthorized logins to a number of other accounts like Google, Instagram, and even Paypal. But now, it appears this data malfeasance has led to a lot more than just some hacked passwords and suspicious account activity—it has made its way over to the dark web. And that’s never a good thing.
There has been a recent fire sale of hacked Facebook accounts on the world’s darkest underground network. For the low, low price of just three dollars, a website traced to St. Petersburg, Russia has offered the personal data of compromised users who lost their account protection during the incident. And not just names and phone numbers—these cybercriminals are also in possession of all the private conversations contained in Messenger, which exposed a whole new level of user privacy. This type of sensitive personal data is great material for hackers, who can exploit it for all sorts of purposes, including identity theft and extortion. That’s right—extortion. Hackers have already published the private messages of over 81,000 Facebook users on the darknet in an attempt to scare victims and force them to pay up.
According the BBC media outlet, cybercriminals behind the darknet sales called the BBC Russian Service to reveal they had the details of 120 million Facebook accounts in their possession that they are now trying to sell. The BBC asked the cybersecurity company Digital Shadows to confirm this report, and they were told hackers did, indeed, gain access to the private messages in all the breached accounts. And when the BBC Russian Service contacted a few of the actual users whose messages and images appeared on the darknet, they were confirmed to be legitimate.
Facebook released a statement a while back stating their security had not been compromised, but rather, had been obtained through malicious browser extensions. When the breach was first reported, they insisted they had taken all the necessary steps to prevent further molestation of the stolen information—and yet, the darknet says otherwise.
According to Facebook bigwig, Guy Rosen, “We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores.” He goes on to say, “We have also contacted law enforcement and have worked with local authorities to remove the website that the displayed information from Facebook accounts.”
But cybersecurity experts are skeptical of Facebook’s claims. They content that if Facebook did, in fact, know about these malicious extensions but did not watch them carefully, their developers could arguably be accused of negligence. Either way, Facebook seems to have realized the tenuousness of their situation and is now courting various cybersecurity companies in an attempt to boost their defensive posture and their flagging reputation.