Cyberhacker Sold Millions Of Facebook Users’ Phone Numbers Through Telegram App

An internet hacker has been selling millions of Facebook users’ cellphone numbers through the messaging application Telegram. 

According to the New York Post, a cybercriminal created a bot that pulled information from a mega database of phone numbers on Facebook. This happened just before the social media platform fixed a security issue back in 2019. As of Tuesday morning, the bot has been blocked, according to a spokesperson for Telegram. However, there are no details on how long the bot had access to the information.

The outlet reports that anyone who pulled up the bot’s Telegram could type in a person’s Facebook ID, and the bot would retrieve the person’s phone number. It could also link a person’s number to their Facebook ID. However, the catch was that the bot wouldn’t allow a person to see the entire phone number unless the interested person paid a fee. Some of the prices were between $20 for one “credit” to $5,000 for 10,000 credits.

The bot was identified about two weeks ago by Alon Gal of the cybersecurity firm Hudson Rock. The person who created the bot claimed to have a phone address book of 533 million Facebook users in several countries. “It is important that Facebook notify its users of this breach, so they are less likely to fall victim to different hacking and social engineering attempts,” Gal told Motherboard.

The data reportedly comes from a security issue that dates back to 2019. It allowed cyberattackers to match phone numbers to user profiles with the help of sophisticated software. “This is old data,” a Facebook spokesperson told The New York Post in an email. “We found and fixed this issue in August 2019.” 

Facebook says it has checked to see if the Telegram bot is still working and confirmed it is not. However, the people whose phone numbers were already traced are pretty much out of luck unless they change their numbers.