The Socialarks website server suffered a massive 400GB data breach from Facebook, Instagram and LinkedIn users. In France there are more than 810,000 profiles.
It is a Chinese start-up, Socialarks, that was the victim of this data breach. Safetydetectives has found that its server containing personal information about at least 214 million LinkedIn, Instagram and Facebook users around the world was freely accessible. In total, more than 400 GB of personal data was exposed. “Our team discovered that the ElasticSearch server was publicly exposed without password protection or encryption.”, explains the security detectors on your site, specifying that “The absence of a security device on the company server means that anyone in possession of the server’s IP address could have accessed a database containing the private information of millions of people”.
“From the data we discovered, it was possible to determine full names, country of residence, place of work, job title, contact information and direct links to their profiles.”, again indicates the company that describes itself as “The World’s Largest Virus Scanning Website”. The data in question comes from the three social networks LinkedIn (more than 66 million user profiles), Facebook (more than 80 million) and Instragam (more than 11 million). Regarding the latter, Safetydetectives specifies that “High-profile influencers, including prominent food bloggers, celebrities and other influencers on social media” are affected by the data breach. In France there are more than 810,000 profiles (680,000 on LinkedIn, 109,000 for Facebook and 28,000 for Instagram), compared to 29.4 million in the United States.
Risk of scams, fraud and “phishing”
Such data theft presents several risks, including identity theft and financial fraud. Malicious persons who possess this information can also use it to “Targeted scams, including sending personalized emails containing other personal information about the target, thereby gaining their trust and setting the stage for a deeper intrusion into their privacy.” “Users can also be attacked with clicks that lead to the installation of malicious software and phishing.”, details the cybersecurity specialist.
However, Safetydetectives says it ignores how the Chinese company was initially able to access personal information, part of which was not accessible from the three social networks. These include, for example, private phone numbers and email addresses of users who have not disclosed them publicly in their accounts. “Also, the fact that such a large, active, data-rich database has been left completely insecure (probably for the second time) is surprising.” It is indicated. In fact, this is not the first time that Socialarks has been the victim of a data breach. In August 2020, the same event resulted in the disclosure of the data of 150 million LinkedIn, Facebook and Instagram users.
SEE ALSO – Trump and His Supporters Excluded From Social Media