There’s always some website getting hacked and giving up individual user’s personal data such as their usernames, email accounts. passwords, credit card numbers and so on.

One of the larger social media hacks was identified earlier this month and the data stolen is now for sale on the dark web. 3.8 billion Clubhouse and Facebook user records were allegedly scraped, merged and put up for sale online. The individual(s) who have this cache of data are asking $100,000 for the full database of 3.8 billion entries but is also willing to split the archive into smaller portions for potential buyers.

What’s in the Clubhouse/Facebook compilation?
The compilation was allegedly created following the July 24 Clubhouse scrape, where a ‘secret database’ of over 3.8 billion phone numbers, which were allegedly scraped from breached Clubhouse servers, was put for sale on a hacker forum. The numbers purportedly belonged to Clubhouse users and people from their phone contact lists.

What does this mean for you?
The data from the compilation can be used by threat actors against potential victims in multiple ways:

  • Carrying out targeted phishing and other social engineering campaigns.
  • Spamming 3.8 billion phone numbers and Facebook profiles.
  • Brute-forcing the passwords of the affected Facebook profiles.

If you suspect that your Clubhouse or Facebook profile data might have been scraped by threat actors, you should:

  • Use a data leak checker to find out if your Facebook or Clubhouse data was included in previous scrapes or leaks.
  • Beware of suspicious Facebook messages and connection requests from strangers.
  • Change the password of your Clubhouse and Facebook accounts.
  • Consider using a password manager to create strong passwords and store them securely.
  • Enable two-factor authentication (2FA) on all your online accounts.

Also, watch out for potential phishing emails and text messages. Again, don’t click on anything suspicious or respond to anyone you don’t know.

If you’ve used the same email account for a few years, your information could already be for sale on the dark web right now. Checking and then taking appropriate action will help keep you safer online.

https://haveibeenpwned.com/

https://cybernews.com/personal-data-leak-check/

It’s a good idea to check your email address and mobile phone number on a regular basis.

*During the segment, guest co-host Matt asked David about password managers and David said that we use the Families version of LastPass.  When asked how much it cost, David mentioned the Free version and then said that he thought it was $9.99/year.  It’s actually $4/month when paid annually.

Deliver David's Tech Talk to my inbox

We'll send David's weekly Tech Talk to your inbox - including the MP3 of the actual radio spot. You'll never miss a valuable tip again!