Facebook logins are being sold on the dark web after 50 million users hacked. Last Friday (28 Oct) Facebook announced the biggest attack on the company in its 14-year history, after it was discovered 50 million accounts had been exposed.
Attackers gained access to the accounts through a vulnerability discovered after the Facebook’s “view as” feature was introduced earlier in the year
The feature allows users greater control of their privacy by letting them view their account as another user. Once attacks gained access to the Facebook accounts, they also gained access to accounts logged in via Facebook such as Tinder, Instagram, Airbnb and Spotify.
Since Friday’s attack the Facebook logins for the leaked accounts have started appearing for sale on the dark web, for as little as $3.90 each, with some email logins being sold for $2.70, according to Money Guru
Researchers found that for $970 it was possible to purchase a person’s online footprint, including all usernames, passwords and email addresses. The best way to protect yourself and your accounts is to always opt for a multiple step verification process where possible. For example, a 2-factor authentication any time you log into Facebook from a new device.
UK Based company Money Guru, who released these findings, said social media account details are frequently targeted by hackers because they give a good insight in targeted advertising. The report found that other accounts were also being offered for sale on the dark web. Reddit accounts came in slightly cheaper at $2.09, and Instagram and Pintrest on the more expensive end at $6.30 and $8.48 respectively.
Facebook has said that they are working with the FBI in investigating the hack and will inform users when they know more. CEO Mark Zuckerberg has assured users that passwords and credit card information was not accessed.