JAKARTA - The case of user data leakage has hit Facebook again. This time, more than 267 million phone numbers, names and IDs of Facebook users are exposed to cyberspace, and can be freely accessed by the public.

Quoting from CNET, this leak was discovered by a Comparitech security researcher named Bob Diachenko, who discovered the database on December 14. However, the same database was also reposted and available for download from a hacker forum for nearly two weeks.

In fact, this is not the first time that a database containing Facebook user data has been leaked in cyberspace. This raises a big question mark about the commitment and efforts of the company formed by Mark Zuckerberg to protect user data.

Our memories are still fresh, about the Cambridge Analytica scandal which was caught taking 87 million data belonging to Facebook users without approval in early 2018. In April, Facebook was again negligent when security researchers from UpGuard found more than 540 million user information, including comments and likes, in a database stored on Amazon's cloud servers.

According to Diachenko, Facebook's user database is particularly vulnerable to spam attacks and phishing attempts. Because the Facebook user ID has a unique number that can be used to guess someone's Facebook username, including various profile information.

"Criminals can also take advantage of automated technology to collect information from Facebook profile pages that are open to the public," as quoted from CNET.

Through its spokesperson, Facebook admits that it will solve this problem as soon as possible. The company says the leaked databases were likely taken before they changed policy by restricting access to users' mobile numbers in 2018.

To protect users' Facebook data, it's a good idea to change your account privacy settings so that search engines outside of Facebook can't link user profiles. In addition, also activate TFA or Two Factor Authentication to avoid phishing threats.

Facebook illustration (Pixabay)

Often Track User Location

The problem of user data leakage is indeed a problem for Facebook. But surprisingly, Facebook also admits that its company is able to track its users without permission.

This was revealed by the Deputy Head of Privacy at Facebook, Rob Sherman when giving a statement to the Senator two months ago. In a letter sent on December 12, Facebook said it could estimate the location of the user through the uploaded content.

For example, through tags in their photos or the IP address of their cellphones. Facebook can also find out the location of users when they check-in at certain locations, such as restaurants, malls, or shops. Location tags from their friends on Facebook can also be a clue.

Facebook needs to know the user's location so that it can target ads that are appropriate for them. In addition, Facebook also does not give users the option to turn off location-based advertising services. However, Facebook argued they allowed users to prohibit Facebook from knowing their exact location.

"Almost all ads on Facebook are targeted based on location. Although most of the ads are targeted at those who live in a particular city," the company wrote. "(If we don't do this, it could be) people in Washington, DC will receive advertisements for services or events in London, and vice versa," was quoted as saying by CNBC.

As for those of you who are iOS users and want to turn off the location feature, you can do it in the Settings and Privacy menu option. There you will see the 'Privacy' sub-menu and select the option to disable Location Access. If you want Facebook to stop tracking your location when it's not running, then simply swipe over to the "Background Location" option.

As for Android users, you can make settings in the App Permission option and disable the location option on the Settings menu.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)