Massive Breach Leaks 1.2B User Records from Facebook
A threat actor has allegedly scraped a massive 1.2 billion record dataset from Facebook by abusing one of the platform’s APIs. The dataset, posted on a data leak forum, reportedly contains usernames, emails, phone numbers, birthdays, locations, and more.
This appears to be one of the largest Facebook data leaks to date, echoing past incidents like the 2021 leak of 500 million users, which led to a €265 million fine from EU regulators. If accurate, the scrape reflects ongoing vulnerabilities in Meta’s approach to public data protection, especially when exposed through API misuse.
Without unified network and endpoint monitoring, API activity oversight, and regular vulnerability scanning, organizations run a high risk of breach. Businesses must proactively secure data channels — especially APIs — to prevent mass scraping and reduce the threat of phishing, identity theft, and widespread privacy breaches. Reactive measures are no longer enough in the face of automated, large-scale cyber threats. Read more about this story on our LinkedIn page
This appears to be one of the largest Facebook data leaks to date, echoing past incidents like the 2021 leak of 500 million users, which led to a €265 million fine from EU regulators. If accurate, the scrape reflects ongoing vulnerabilities in Meta’s approach to public data protection, especially when exposed through API misuse.
Without unified network and endpoint monitoring, API activity oversight, and regular vulnerability scanning, organizations run a high risk of breach. Businesses must proactively secure data channels — especially APIs — to prevent mass scraping and reduce the threat of phishing, identity theft, and widespread privacy breaches. Reactive measures are no longer enough in the face of automated, large-scale cyber threats. Read more about this story on our LinkedIn page