Brinztech Alert: 23.5 Million Facebook Japan User Profiles on Sale

Dark Web News Analysis: 23.5M Facebook Japan User Profiles for Sale

A massive database containing the profiles of 23.5 million Facebook users in Japan is being offered for sale on a hacker forum for $1,400. The data reportedly originates from a widespread data scraping incident that occurred on December 7, 2020. Even though the data is several years old, it contains a rich set of non-expiring personal information that remains highly valuable to criminals for conducting large-scale social engineering campaigns. The compromised data includes:

• PII and Contact Info: Phone numbers, full names, gender, and physical locations.
• Facebook Profile Data: Facebook IDs, personal bios, relationship status, education history, and work information.
• Record Count: 23.5 million user profiles.
• Data Origin: December 7, 2020.

Key Cybersecurity Insights

This incident is a powerful reminder that data from old breaches remains a potent and persistent threat in the cybercriminal underground for years after the initial event.

• Old Data, New Threat: 2020 Breach Data is Still Highly Dangerous: Although the data was scraped in 2020, much of the information—such as names, phone numbers, and dates of birth—is permanent. Threat actors constantly buy, sell, and recycle old data like this because it remains a potent tool for identity theft and social engineering, especially as it targets users who may have forgotten about the original breach and lowered their guard.
• A Massive Target List for Phishing and SMS Scams (Smishing): With 23.5 million phone numbers linked to real names, this database is a goldmine for mass smishing campaigns. Criminals will use this data to send millions of fraudulent text messages containing malicious links, impersonating well-known Japanese brands, delivery services, or government agencies to trick users into revealing passwords or financial information.
• Rich Personal Data Enables Highly Convincing Social Engineering: The inclusion of personal bios, relationship statuses, and work/education history allows attackers to craft extremely personal and believable scams. They can use this detailed context to gain a victim’s trust before manipulating them into making a fraudulent payment, revealing credentials, or taking other malicious actions.

Critical Mitigation Strategies

The primary defense against the misuse of this old data lies with the individuals whose information was exposed, who must remain vigilant against targeted scams.

• For Facebook Users in Japan: Be on Maximum Alert for Phishing and Smishing: All users in Japan should assume their data is in the hands of criminals and be extremely suspicious of unsolicited emails and, most importantly, text messages. Do not click on links from unverified sources, even if the message contains personal information.
• For All Facebook Users: Review Your Privacy Settings: This incident is a reminder for all users to regularly review what information is public on their Facebook profile. Limiting the public visibility of your friends list, phone number, email address, and other personal details can reduce your exposure in future data scraping incidents.
• For All Users: Practice Good Security Hygiene: While passwords were not in this specific leak, the PII can be used to try and take over accounts. Users should ensure their Facebook account is protected with a strong, unique password and, critically, that Two-Factor Authentication (2FA) is enabled to prevent unauthorized access.

Secure Your Organization with Brinztech As a cybersecurity provider, we can protect your business from the threats discussed here. Contact us to learn more about our services.

Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. For general inquiries or to report this post, please email us: contact@brinztech.com