Developing: Pakistani Plane Escorted by UK Fighter Jets — 2 Men Arrested

Doc Thompson’s 24-hour radio marathon, ‘#24forok,’ continues until 9 am ET — Listen Live!

Technology

Facebook Data of 1.1 Million Users Sold for $5 Online (This Blogger Just Bought It)

Oct. 26, 2012 9:56am Liz Klimas

Constantly embroiled in some sort of privacy battle, Facebook is now investigating what could have been a data breach or at least a misuse of information collected through third-party apps. As revealed by a Bulgarian blogger, a website was found selling more than a million data entries of Facebook users for only $5.

Bogomil Shopov, a digital rights activist, wrote that the entries included information like users’ names, Facebook URLs and email addresses, which he verified were valid.

Bulgarian Blogger Purchases 1.1 Million Facebook Names, URLs and Emails for $5

Files of Facebook user information purchased by Shopov for $5 U.S. (Image: Bogomil Shopov)

In a separate post, Shopov wrote that Facebook contacted him after this revelation, thanking him for showing this issue. Perhaps only Facebook wants to be able to sell its own users’ information.

Here’s some of what Facebook said during their conversation, according to Shopov:

“Now we would like you to send us this file, delete it, tell us if you have given a copy of it to someone, give us the website from which you bought it including all transactions with it and the payment system and remove a couple of things from your blog. Oh and by the way, you are not allowed to disclose any part of this conversation; it is a secret that we are even having this conversation”.

He wrote that he agreed to send them the website, as it was his original purpose in pointing out this information being sold at a cheap price. He asked what Facebook’s plans were next and was told the company would be conducting an internal investigation.

Forbes Andy Greenberg contacted Shopov who said he made sure this information, which Greenberg specified came from the site Gigbucks, wasn’t just gleaned from public Facebook profiles. The profiles included in the list had users who protected contact information under some security levels on the site. Shopov went on to tell Greenberg he hopes his findings result in an increase in security on Facebook’s part, specifically for the information given when allowing third-party apps.

Searching Gigbucks for “Facebook database” revealed that there are two other entries attempting to sell Facebook user information as well, although this information has not been verified as legitimate.

“Anyone can grab your data,” Shopov said, according to Greenberg. “Users click ‘I agree’ or ‘I accept,” and their information goes off to the application developer, who can do whatever they want with it.”

Facebook told Greenberg it is not at liberty to discuss the investigation in detail.

(H/T: Gizmodo)

Benghazi, IRS, AP...What's next? Only TheBlaze TV offers the truth from Glenn Beck, Andrew Wilkow, and Real News from TheBlaze. Get instant access and a free trial here.

Back to The Blaze »

Comments (44)

Civican
Posted on October 28, 2012 at 9:20am
The only thing I have on FB is my name. Stopped using it 5 years ago. FB really sucks!

Report this comment
Log in to Reply Reply
RamonPreston
Posted on October 27, 2012 at 12:04pm
Don’t you people read the internet? When you buy something you only purchase the right to use it. You don’t own it.

Report this comment
Log in to Reply Reply
RamonPreston
Posted on October 27, 2012 at 11:58am
Would he check and see if my account was delete. Everything on FB goes directly to the CIA who run face recognition software on it.

Report this comment
Log in to Reply Reply
woodyee
Posted on October 27, 2012 at 8:53am
“The profiles included in the list had users who protected contact information under some security levels on the site.”

Kiddies, stay away from those social sites, please? Sheesh…

Report this comment
Log in to Reply Reply
woodyee
Posted on October 27, 2012 at 8:50am
LOL!!!

“In a separate post, Shopov wrote that Facebook contacted him after this revelation, thanking him for showing this issue. Perhaps only Facebook wants to be able to sell its own users’ information.”

Hehe!!!! GO GET ‘EM, LIZ!!!!!

Report this comment
Log in to Reply Reply
RhetoricalQuestion
Posted on October 26, 2012 at 8:38pm
If you can think it, then so can someone else.

Imagine, neighborhoods of people on FB being watched by foreign or domestic enemies… you think it’s not happening…think again. What could/would they do with this information???

Would you, in your right mind, post pictures and personal, identifying information in a public square in your “downtown” American town? Information that any passerby could read and make their way straight to your doorstep?

One of the biggest mistakes a person can make is to think that their life isn’t interesting, or wouldn’t matter to anyone else. This is naive.

Public information (through the internet) is unprecedented in human history. We can’t even begin to estimate the consequence of our vulnerability. What would history have been like during WW1 or WW2, etc., if our enemies had the information about us that they could have access to now, with only a couple of clicks?

And don’t even start defending some of the information available as being “public record.” (I passionately argue) It used to be, any Joe Curious who wanted information on you, had to get out of his underwear, get dressed and take a trip to City Hall, and probably pay a fee… my point is, he had to make an effort with the sacrifice of his time, energy, money… the internet data mining requires little to no effort with sizable returns.

We have to ask ourselves, just because we can, does it mean we should? What are the consequences?

Report this comment
Log in to ReplyReply
- Samsss
  Posted on October 28, 2012 at 6:13pm
  So, you don’t like FaceBook. Why don’t you tell us “why you don’t like FB?” It seems there are several million (tens of millions) who do use it without problems. Can you explain that? Probably not.
  
  Report this comment
- StrongWesternbabeluvinherWesternMAN
  Posted on October 29, 2012 at 2:26am
  Exactly, that is why when we want to post we drive around and our post comes through as someone elses home address….no we are not using another’s paid subscription 4 their internet but our location is defined as their neighborhood.
  
  Report this comment
hamsandwichman
Posted on October 26, 2012 at 7:28pm
My first post..and I enjoy Ham Sandwiches

Report this comment
Log in to ReplyReply
- justa_thought
  Posted on October 26, 2012 at 11:00pm
  what kind of bread would you like that on?
  
  Report this comment
- Chuck Stein
  Posted on October 27, 2012 at 2:48am
  You could be indicted by a grand jury, you know.
  
  Report this comment
- woodyee
  Posted on October 27, 2012 at 8:58am
  Need a woman to help you make those ham sandwiches? You can have Blazer MaryBethElizabeth, as a welcome gift. And welcome to the Blaze! (Psst – she keeps a pretty clean house, but her heads is screwed on backwards…)
  
  Report this comment
Larry E
Posted on October 26, 2012 at 3:46pm
Another good reason to avoid Facebook and other such sites.

Report this comment
Log in to Reply Reply
thekuligs
Posted on October 26, 2012 at 11:02am
OK, none of this information was really sensetive. I don’t get what all the uproar is about. I’m an author, so in addition to my personal page I have an author page–because I “have” to, even though I prefer Twitter. My name, my email where I can be contacted, and my facebook URL are already things you can find because I put it out there. You might get more spam, but my spam folder catches most of that. So big freaking deal.

Report this comment
Log in to ReplyReply
- stage9
  Posted on October 26, 2012 at 11:10am
  which makes you the perfect victim….
  
  Report this comment
- Joey Joe Joe
  Posted on October 26, 2012 at 11:29am
  Sorry, but this is one of the most naive statements I’ve ever read. There are plenty of services readily available that marketers use that can append a physical address to a known email address using 3rd-party databases aggregated from multiple sources. (This is one way large companies know who to target when sending out mail catalogs, etc.)
  
  It’s NOT a good thing when your personal email address and real name are exposed online in front of thousands of hackers and identify thieves. When people add location to their tweets or post about their upcoming vacation on facebook, it only adds to this vulnerability.
  
  The hacker that is selling the list for $5 isn’t the main issue though. He’s just exposing something every black hat and cyber thief knew about several years ago. Facebook security is absolutely atrocious, and there is a lot of incompetence in that organization that is driven by the whole company mentality (‘more..more..more..faster..faster..faster). That site is a disaster waiting to happen, and it is only going to get worse when they start pushing mobile.
  
  Report this comment
- thekuligs
  Posted on October 26, 2012 at 12:41pm
  Guys this info is all avaliable. You are being rediculous claiming I am the niave one. It’s one thing to collect and sell data that is out there vs selling sensetive info such as credit card info, social security numbers, etc. This is not some serous security breech. For many people their name is their business. Having your name, email address and FACEBOOK page adress isn’t anything people couldn’t find on Google.
  
  Report this comment
- JediKnight
  Posted on October 26, 2012 at 12:44pm
  Hacker?! Please don’t use that term when you clearly don’t understand it’s meaning. He wrote an app, just like every Facebook developer can, that gleaned a few pieces of information from your profile. Every app warns about this from Farmville to those Birthday calendar apps. There’s no hacking involved. All it takes is a programmer implementing Facebook APIs.
  
  When you click “I agree” on that app, you’re allowing it to access your information. You can always fill in completely false information in your profile.
  
  I think the point is, nothing’s free. These apps are paid for with ads. Ads that tap into your personal information in order to be targeted at you. Don’t want to see ads? Don’t use free online services. Don’t want to be targeted? Don’t use free online services. Even the ads on TheBlaze look at your browsing history to determine what should be served up.
  
  Report this comment
- Joey Joe Joe
  Posted on October 26, 2012 at 1:55pm
  JEDIKNIGHT – no need for the high and almighty tone. If you knew anything about the known Facebook API exploit back in 2011, then maybe you would’ve re-phrased your last response a little differently. When someone exploits the Facebook API for purposes of gaining user data that was not explicitly shared by individuals upon installing the app it is considered a hack, pure and simple. You are right though – there are legitimate (yet rogue) apps that accomplish the same type of data collection by using the API legitimately from unsuspecting users. Getting 1.1M users this way though is highly unlikely.
  
  Report this comment
- kbounds56
  Posted on October 26, 2012 at 11:56pm
  Stage9 got it right. Perfect victim.
  
  Report this comment
- PubliusScipio
  Posted on October 27, 2012 at 4:26pm
  An author who can’t spell ridiculous. Yikes! Particularly when The Blaze has incorporated spell-check into its comment boxes.
  
  Report this comment
budahbabe
Posted on October 26, 2012 at 11:02am
I knew something like this would happen on Facebook. It was bound too. Look all you facebook users do something good for the country and let everyone know that the Obama’s spent 4,700 per person for a state dinner for the Mexican President. The had Beyonc’e performing etc. Now that is almost a million dollars of our tax money on one state dinner??? People around the country are starving and the Emperor with New Clothes is doing this? They have had other state dinners that cost almost as much as this. Check it out on Drudge and then hit Facebook and let all those 99%ers know the Obama’s are the 1% with our money!!!! This should set your **** on fire!

Report this comment
Log in to Reply Reply
USALOVER2011
Posted on October 26, 2012 at 10:47am
Ahhhh, now I’m in big trouble…I’m on facebook to keep in touch with my families overseas…Also, it’s another way to connect with people that follows Romney and Ryan’s campaign. I can read threads from people that lives in the battle grounds States that otherwise I wouldn’t hear it on the media. :(

Report this comment
Log in to Reply Reply
michael from Ga.
Posted on October 26, 2012 at 10:40am
This is why will Not touch fa..bo… or tw…. And I ask friends and love ones to stay away as well. Do Not give personal info to the enemy, period.

Report this comment
Log in to Reply Reply
lynnissmart
Posted on October 26, 2012 at 10:36am
Can someone explain to me what this means….I have a facebook page……

Report this comment
Log in to ReplyReply
- USALOVER2011
  Posted on October 26, 2012 at 10:50am
  You’re right…..what is it mean? That’s what I need to know!!!
  
  Report this comment
- Marci
  Posted on October 26, 2012 at 12:40pm
  Your information can be used in a million ways by many organizations looking to market,etc. However it can also be used in nefarious ways. I just received a spam email the other day appearing to be from my mother–it used her full name as shown on Facebook. Of course the email didn’t match. I didn’t click the link. But how many of her FB friends know her real email? Not too many….
  
  Report this comment
Anonymous T. Irrelevant
Posted on October 26, 2012 at 10:35am
HEY, my name is on there!!

Report this comment
Log in to ReplyReply
- Anonymous T. Irrelevant
  Posted on October 26, 2012 at 10:44am
  Just kidding :-D
  
  Report this comment
shimauma42
Posted on October 26, 2012 at 10:25am
Why people put their private info on facebook, I’m not sure. There are lots of ways to fake your account and then just use it to post your opinions. The only people who know who shimauma is are the ones that I tell on purpose.

Report this comment
Log in to ReplyReply
- USALOVER2011
  Posted on October 26, 2012 at 10:55am
  Real info meaning? Do you mean real name? Almost everyone I know have their first and last names…And so is mine.. :(
  
  Report this comment
- USALOVER2011
  Posted on October 26, 2012 at 10:58am
  I meant private info.
  
  Report this comment
- thekuligs
  Posted on October 26, 2012 at 12:42pm
  The only information this article claims was sold was name, email address, and facebook page adress. That isn’t really private info.
  
  Report this comment
titan
Posted on October 26, 2012 at 10:25am
i found out about a year ago that they were selling my info. my daughter urged me to join facebook and after i sign up i started receving spam in my email. 6 months after i joined i quit it. i read that even if you quit them they will NOT delete your info. scarry! no facebook for me. also they have bots that follow you every where you go on the internet.

Report this comment
Log in to Reply Reply
RaydocX
Posted on October 26, 2012 at 10:21am
it’s not my quote, but it’s very true…
if you are not paying for something, you are not the customer, you are the commodity.

the inane, the ridiculous, the hyperbole rampant on Facebook betray how fragile civility, and so civilization is… people say hateful things, sometimes just to see what kind of reaction they get. people post information that will haunt them for years.

but it’s a free world, and until parents get a handle on parenting instead of letting the state be the absent minded nanny, it will continue, generations that will have a new ‘listen to me because i know from experience’ point of view when trying to protect THEIR kids on social media.

Report this comment
Log in to Reply Reply
RJJinGadsden
Posted on October 26, 2012 at 10:09am
I have stayed away from any of this social media. My son got into Face Book shortly after it got started. A couple of years later he dumped his account and deleted everything that referred to Face Book in all of the computers. He got sick of it.

Report this comment
Log in to ReplyReply
- biohazard23
  Posted on October 26, 2012 at 10:14am
  Good morning, RJ! How’s things with you? Are you guys going to get anything from the storm?
  
  I deleted my FB account years ago. Too much trouble.
  
  Report this comment
Vickie Dhaene
Posted on October 26, 2012 at 10:07am
The only reason I use FACEBOOK is to stay in contact with my family and to POST STORIES THE LAME STREET MEDIA WON’T. I will immediately cancel my account.

Report this comment
Log in to Reply Reply
hillbillyinny
Posted on October 26, 2012 at 10:05am
Amen to both Sam and Mike!

Keep our personal information to yourself. And besides, most of your friends think you’re a dork to put up the stupid stuff you put on there!

Privacy and mystery is an asset. . .

Report this comment
Log in to Reply Reply
hoff
Posted on October 26, 2012 at 10:04am
good thing i only put my social security number and bank account information on facebook so i should be safe!

Report this comment
Log in to Reply Reply
SamIamTwo
Posted on October 26, 2012 at 10:01am
Got out of facebook YEARS ago. Short the stock!

Report this comment
Log in to Reply Reply
mikem1969
Posted on October 26, 2012 at 10:00am
To all social media people, this is why you don’t put anything other than your name on any social media site, the info can come back to bite you.

Report this comment
Log in to ReplyReply
- cyclops
  Posted on October 28, 2012 at 6:29pm
  Agreed 100%……
  
  Report this comment
- StrongWesternbabeluvinherWesternMAN
  Posted on October 29, 2012 at 2:24am
  yeah Y you never post from your own home computer…geez peeps
  
  Report this comment

It appears that you have Javascript Disabled. Please enable Javascript in your browser preferences for a better user experience on TheBlaze. You can not comment without Javascript enabled.