Facebook user records for 533 million users are being offered for free on online hacking forums, several sources report

The good news in this situation is that the data is old and has been available to cybercriminals for at least two years In a statement to The Record and Bleeping Computer, Facebook said the data was "scraped" from Facebook's website, copied without Facebook's permission, before the loophole was closed in 2019

We have reported on this same data stash, or parts of it, three times in the past

The bad news is that this data includes full names, email addresses, cell phone numbers, and sometimes birth dates Spammers and scammers can use the information to target people with personalized emails and text messages

The data is anchored to a phone number and was not stolen from Facebook Rather, it was more or less legally "scraped" from data that Facebook had made public

Facebook used to have a feature whereby typing in a phone number, even a stranger's, would bring up a link to the Facebook account associated with that number Only one number could be looked up at a time

What could go wrong? Soon someone had tampered with the computer, generated a phone number in a valid format, threw it at Facebook, and harvested the resulting list of accounts and all the details that were publicly available

The end result is a reverse phone book consisting of hundreds of millions of entries This is what is currently offered online

Even if you have a Facebook account, your data is not necessarily in this stash The person providing this data claims to have already broken it down into batches by country The US has about 323 million accounts, and Canada has about 35 million While this is a very large number of users, it is a small fraction of the estimated 258 million Americans and Canadians who use Facebook

Only those who gave Facebook their phone numbers are included, and even then, you may not be one of them

Given that the Facebook app for Android and iPhone tries to get your phone number and the phone numbers of all your contacts as soon as you install the app, Facebook probably has over 36 million North American phone numbers

So what can be done about this? Beware of irregular emails, texts, instant messages, and social media posts that promise get-rich-quick schemes or rewards, or tell you that you need to act urgently to avoid paying previously unknown fines or fees

Windows 10 antivirus software and Mac antivirus software will rule out scams on your computer; if you use an iPhone, keep your wits about you when responding to emails, texts, and messages

Troy Hunt, who runs HaveIBeenPwned, an information leak search service, analyzed the data set over the weekend and found only 25 million email addresses among 533 million personal records About 65% of the email addresses were already in the HaveIBeenPwned database, Hunt said on Twitter

Comparatively, there were not many records with birth dates either In other words, the data was mostly just phone numbers and names, like those in an old-fashioned phone book, but still useful to spammers and scammers

Hunt has added Facebook email addresses to the HaveIBeenPwned database and is considering whether to add phone numbers as well To see if your email address is affected,https://haveibeenpwnedcom/