Facebook Leak - Dive into the data


25 Mar 2021
Reaction score

The Facebook Leak containing the data of million of users can be scaled into segmented data. This is done by individually pick a user and explore all the data from them. A simple way is by using Facebook Annoyer (Link below) or using the forgot your password feature of Facebook.

Download USA.zip data:

Download Facebook Annoyer:

Visit Facebook - Forgot your password feature

Using the Facebook password feature or Facebook Annoyer can be used for account take over as the information provided can be easily be used against the system to recover a account. A example? Date of birth. Keep in mind that notifications may occur and test everything against before implementing a takeover.

1 - Download a random dataset from USA.zip for testing

2 - Use Facebook Annoyer to confirm id

(As the user can see the semi hidden number is the +******37, which combining with the leaked data it's a match. In this example the profile doesn't have a associated avatar which makes a bit harder to find the profile, but is not impossible. Using the name provided in the leak a profile can easily be found.)

Extra data can be extracted from Facebook to build a extended profile and additionally combining with other Leaks can be a treasure map to hackers to uncover hidden information. From this point forward and using automated methods provided by Facebook or by social engineer with the information that the user have it can be used to make takeovers.

This article is just a simple way to demonstrate the power of using this leak. Other approaches can be made to tackle other goals but essentially is all there available at your fingertips.