Facebook Data Breach

Facebook Data Breach 2021: 2 Billion Records Sold Online

Published on: March 25, 2023
Last Updated: March 25, 2023

Facebook Data Breach 2021: 2 Billion Records Sold Online

Published on: March 25, 2023
Last Updated: March 25, 2023

In this write-up, we’ll talk about the two most significant Facebook data breach 2021 incidents and how they affected people and corporations.

There seems to be another incident of a significant data breach affecting millions of people and their personal information every time we read the news. And sadly, the major ones are often from Facebook, the most used social media platform.

The recent Facebook data breach of 2021 has been the most devastating of its time. It has left many people feeling anxious and vulnerable.

As a result, Facebook has been working hard to protect the personal information that they have collected from its users.

The data breaches in 2021 were security incidents in which hackers gained access to Facebook’s servers and stole personal information from millions of accounts.

The company first announced that it had detected an attack on September 25th 2021 but disclosed the details on October 3rd.

1st Facebook Data Breach 2021

533 Million Facebook Users’ Data was Leaked in Online Forums in April 2021

In April 2021, the personal details (phone numbers and other personal data) of around 533 million Facebook users from around the world were leaked online.

These data were uploaded on a few low-level online hacking forums. This Facebook breach was first noted and highlighted by Alon Gal.

He is the chief technical officer and co-founder of a highly reputed cybersecurity firm Hudson Rock.

Alon found the cache of Facebook users’ leaked data online on April 3rd, 2021. Meanwhile, Facebook hadn’t yet notified the affected users of the breach.

However, during an interview with a US-based media house, one of Facebook’s officials said that this data breach was “old” and was already fixed in August 2019.

What Data Was Leaked in this Data Breach?

As per Alon Gal, the leaked Facebook data include users’ basic information such as names, occupations, bio, genders, marital status, and relationship status.

Besides that, it also includes more confidential data like email addresses, place of work of users, as well as users’ phone numbers.

Moreover, this Facebook information has been confirmed by various media organizations and groups.

The breached data includes information of 1.2 million Facebook users from Australia, 3.8 million from Bangladesh, 6 million from India, 8 million from Brazil, 11 million from the UK, and 32 million from the US.

How Can Scammers Use the Leaked Data?

Alon Gal, earlier this year, confirmed that leaked data from the Facebook data breach in April 2021 was being sold to various groups on Telegram, a cloud-based messaging application.

But that’s not all. This leaked data is all over the internet on various hacker forums. And that’s a thing to be worried about.

The leaked Facebook users’ data can be used for scam phone calls, SIM swapping, phishing attacks, target advertising, and email fraud.

Apart from that, scammers can use this data to plot and execute different nefarious online fraudulent schemes.

On top of all these, hackers can even impersonate Facebook users using their data and try to make online money transfers on their behalf, without their prior approval or knowledge.

Additionally, these databases of personal information are on the dark web. So anyone, literally anyone, can sift through this data.

2nd Facebook Data Breach 2021

Data of Over 1.5 billion Facebook Users were Sold on Hacker Forum on October 2021

According to an online report by a reputed privacy research company Privacy Affairs, nearly 1.5 billion Facebook users’ data were found on an online hacker forum for sale.

This speculation came just a few days after Facebook and its sibling companies WhatsApp and Instagram had almost a 7-hour-long global outrage.

However, these two incidents aren’t related. In fact, the data of Facebook users which were found on hacker forums for sale doesn’t indicate that any third-party hacker broke into the system.

Instead, these were obtained by scraping Facebook data that was publicly available.

In case you don’t know, scraping means getting hold of user data that are publicly available and organizing these into a list or database.

Moreover, hackers can even scrape users’ data by offering online trivia and quizzes to the users in which they’re asked to fill in their personal details.

What Data Was Leaked in this Data Breach?

The personal information of Facebook users was up for sale on a well-known hacker forum, and buyers had the choice to buy all the data in a single go or in smaller chunks.

However, the seller is a group of web scrapers with more than 18,000 clients during that time frame.

Moreover, Privacy Affairs, in their report, added that the data that is provided for sale contains personal information such as email addresses, names, genders, locations, user IDs, as well as phone numbers.

In fact, in late September, the seller first announced that they possessed the data of nearly 1.5 billion Facebook users from around the world.

Additionally, one buyer has reportedly quoted around US $5,000 for the personal data of 1 million Facebook users.

Meanwhile, the researchers conducted an investigation to cross-check the authenticity of the data with known Facebook database leaks.

How Can Scammers Use the Leaked Data?

Having your personal data leaked is very scary.

That’s because anyone, especially hackers, can use this data to execute sophisticated phishing or other social engineering attacks.

Moreover, knowing Facebook users’ phone numbers makes it even easier for cybercriminals to send out fake text messages or make phone calls to affected users.

They could pretend to be various entities like banks or even Facebook.

Cybercriminals will then ask the users to click on a link for various reasons, such as to update their security settings, “claim a prize”, or change their passwords. And that’s how they harm the users.

How to Protect Your Facebook Data from getting Leaked


While the Facebook data breach in 2021 had everyone talking, it’s essential for us to pause for a moment and consider the privacy and security of your data on the internet.

Moreover, following the disclosure of the data breach, many users have started to deactivate their accounts and advise others to do the same.

Although you should be concerned about the misuse of personal information, deactivating your Facebook account isn’t a solution.

You can check if your data has been leaked or compromised from time to time by visiting online website sites such as HaveIBeenPwned.com.

In fact, you can even use this site to see if your mobile numbers and email addresses have been compromised or not.

If you’re one of those people whose Facebook data has been leaked or compromised, you should immediately update your password. Getting help from any security service, such as 1Password, is a safe choice.

Apart from that, Facebook even recommends that its users use the two-factor authentication feature on their Facebook accounts.

While taking a survey or a quiz, make sure to only participate in the ones which are offered by only known and verified publishers.

Furthermore, you should never log in to websites using your Facebook account.

You might’ve come across various situations where a website or an app gave you an option of joining in using your Facebook account.

Although it could appear to be a practical way to create a new account, doing it in this manner isn’t safe at all.

That’s because many different businesses may eventually be able to access your Facebook account and personal information. Many users are unaware that Facebook can access their behavior on and off the platform.

In fact, this platform uses its relationships with numerous companies to track your online activities. Fortunately, it allows you to disable these tracking features using only a few simple actions.


Facebook has a lengthy history of not protecting its users’ data, and it has made headlines for significant hacks that appear to get worse every year.

And as for data breaches in 2021, the two incidents covered above were the two major ones.

Although Facebook will always know things about you, limiting its access to your personal data is essential.

The biggest takeaway from the incidents of the Facebook data breach 2021 would be to take steps to stay safe while using this platform or any other social media platform.

Stay on top of the latest technology trends — delivered directly to your inbox, free!

Subscription Form Posts

Don't worry, we don't spam

Written by Trevor Cooke

Trevor Cooke is an accomplished technology writer with a particular focus on privacy and security. He specializes in topics such as VPNs, encryption, and online anonymity. His articles have been published in a variety of respected technology publications, and he is known for his ability to explain complex technical concepts in a clear and accessible manner.