London Daily

Focus on the big picture.
Wednesday, Sep 03, 2025

Facebook leak: Irish regulator probes 'old' data dump

Facebook leak: Irish regulator probes 'old' data dump

A data leak involving personal details of hundreds of millions of Facebook users is being reviewed by Ireland's Data Protection Commission (DPC).

The database is believed to contain a mix of Facebook profile names, phone numbers, locations and other facts about more than 530 million people.

Facebook says the data is "old", from a previously-reported leak in 2019.

But the Irish DPC said it will work with Facebook, to make sure that is the case.

Ireland's regulator is critical to such investigations, as Facebook's European headquarters is in Dublin, making it an important regulator for the EU.

The most recent data dump appears to contain the entire compromised database from the previous leak, which Facebook said it found and fixed more than a year and a half ago.

But the dataset has now been published for free in a hacking forum, making it much more widely available.

It covers 533 million people in 106 countries, according to researchers who have viewed the data. That includes 11 million Facebook users in the UK and more than 30 million Americans.

Not every piece of data is available for every user, but the large scale of the leak has prompted concern from cyber-security experts.

The DPC's deputy commissioner Graham Doyle said the recent data dump "appears to be" from the previous leak - and that the data-scraping behind it had happened before the EU's GDPR privacy legislation was in effect.

"However, following this weekend's media reporting we are examining the matter to establish whether the dataset referred to is indeed the same as that reported in 2019," he added.

Phone issues


Despite the claims of the data being "old", some security researchers remain concerned due to the unchanging nature of the data involved.

Phone numbers, for example, are unlikely to have changed for many people in the past two to three years, and other information - such as a date of birth or hometown - never change.

Alon Gal, a well-known personality in cyber-security circles who tweets as @UnderTheBreach, wrote that the phone number database first appeared in January, where hackers could look up the phone database for a small fee.

But the widespread leak of the database "means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked," he tweeted.

"I have yet to see Facebook acknowledging this absolute negligence of your data," he added.


This is a cautionary tale on a colossal scale.

It's actually terrifyingly common for companies to store customer data in large, unsecured databases.

Often they are discovered by well-meaning security researchers and are either deleted or made safe swiftly before the bad guys stumble upon the treasure trove.

However, sometimes it's too late.

This case highlights that a company's defence "we've fixed it now" is not good enough.

The horse had bolted long before the stable doors were closed. And clearly, the horse has been having a field day for years since.

The database has likely changed criminal hands many times before now being offered for free.

Facebook may claim this is "an old story", but clearly it's one that keeps coming back to bite it - and, more importantly, its users.

Troy Hunt, a security expert who runs HaveIBeenPwned - an online service for users to check if their information has been involved in a data breach - said queries were six times higher than normal since news of the database's release broke.

He also suggested that the leaked dataset could be very useful "for a targeted attack where you know someone's name and country" - though it would be much harder to use for a blanket mass cyber-attack.

"But for spam based on using phone number alone, it's gold," he added.

"Not just SMS, there are heaps of services that just require a phone number these days and now there's hundreds of millions of them conveniently categorised by country with nice mail merge fields like name and gender."


De'Graft was shocked by the data Facebook stored on him


Newsletter

Related Articles

0:00
0:00
Close
Google Avoids Break-Up in U.S. Antitrust Case as Stocks Rise
Couple celebrates 80th wedding anniversary at assisted living facility in Lancaster
Information Warfare in the Age of AI: How Language Models Become Targets and Tools
The White House on LinkedIn Has Changed Their Profile Picture to Donald Trump
"Insulted the Prophet Muhammad": Woman Burned Alive by Angry Mob in Niger State, Nigeria
Trump Responds to Death Rumors – Announces 'Missile City'
Court of Appeal Allows Asylum Seekers to Remain at Essex Hotel Amid Local Tax Boycott Threats
Germany in Turmoil: Ukrainian Teenage Girl Pushed to Death by Illegal Iraqi Migrant
United Krack down on human rights: Graham Linehan Arrested at Heathrow Over Three X Posts, Hospitalised, Released on Bail with Posting Ban
Asian and Middle Eastern Investors Avoid US Markets
Ray Dalio Warns of US Shift to Autocracy
Eurozone Inflation Rises to 2.1% in August
Russia and China Sign New Gas Pipeline Deal
China's Robotics Industry Fuels Export Surge
Suntory Chairman Resigns After Police Probe
Gold Price Hits New All-Time Record
Von der Leyen's Plane Hit by Suspected Russian GPS Interference in an Incident Believed to Be Caused by Russia or by Pro-Peace or by Anti-Corruption European Activists
UK Fintechs Explore Buying US Banks
Greece Suspends 5% of Schools as Birth Rate Drops
Apollo to Launch $5 Billion Sports Investment Vehicle
Bolsonaro Trial Nears Close Amid US-Brazil Tension
European Banks Push for Lower Cross-Border Barriers
Poland's Offshore Wind Sector Attracts Investors
Nvidia Reveals: Two Mystery Customers Account for About 40% of Revenue
Woody Allen: "I Would Be Happy to Direct Trump Again in a Film"
Pickles are the latest craze among Generation Z in the United States.
Deadline Day Delivers Record £125m Isak Move and Donnarumma to City
Nestlé Removes CEO Laurent Freixe Following Undisclosed Relationship with Subordinate
Giuliani Seriously Injured in Accident – Trump to Award Him the Presidential Medal of Freedom
EU is getting aggressive: Four AfD Candidates Die Unexpectedly Ahead of North Rhine-Westphalia Local Elections
Lula and Putin Hold Strategic BRICS Discussions Ahead of Trump–Putin Summit
WhatsApp is rolling out a feature that looks a lot like Telegram.
Investigations Reveal Rise in ‘Sex-for-Rent’ Listings Across Canada Exploiting Vulnerable Tenants
Chinese and Indian Leaders Pursue Amity Amid Global Shifts
European Union Plans for Ukraine Deployment
ECB Warns Against Inflation Complacency
Concerns Over North Cyprus Casino Development
Shipping Companies Look Beyond Chinese Finance
Rural Exodus Fueling European Wildfires
China Hosts Major Security Meeting
Chinese Police Successfully Recover Family's Savings from Livestream Purchases
Germany Marks a Decade Since Migrant Wave with Divisions, Success Stories, and Political Shifts
Liverpool Defeat Arsenal 1–0 with Szoboszlai Free-Kick to Stay Top of Premier League
Prince Harry and King Charles to Meet in First Reunion After 20 Months
Chinese Stock Market Rally Fueled by Domestic Investors
Israeli Airstrike in Yemen Kills Houthi Prime Minister
Ukrainian Nationalist Politician Andriy Parubiy Assassinated in Lviv
Corporate America Cuts Middle Management as Bosses Take On Triple the Workload
Parents Sue OpenAI After Teen’s Death, Alleging ChatGPT Encouraged Suicide
Amazon Faces Lawsuit Over 'Buy' Label on Digital Streaming Content
×