Hacker claims to have stolen 1.2 billion Facebook user records – but experts skeptical
06/01/2025 / By Laura Harris
- A hacker named “ByteBreaker” alleges stealing 1.2 billion Facebook user records – potentially the largest social media breach – and is selling the data on the dark web. The dataset includes names, emails, phone numbers, birthdates and location details.
- Meta insists the data is old (from 2021) and denies a new breach, calling it a repackaging of past leaks. Researchers found overlaps with the 2021 breach, casting doubt on ByteBreaker’s claims.
- ByteBreaker’s assertion of 1.2 billion records stored in 200 million rows contradicts database norms (1 record = 1 row), raising skepticism. Experts suspect a dark web marketing tactic to sell recycled data.
- If verified, ByteBreaker’s breach would surpass LinkedIn’s 2021 leak of 700 million users (92 percent of its user base), which exposed emails, job details and inferred salaries – fueling phishing and identity theft risks.
- Despite Meta’s denial, users are urged to enable 2FA, change passwords, monitor accounts and freeze credit reports to mitigate potential risks from recycled or old data being exploited.
A hacker going by the alias “ByteBreaker” claims to have stolen 1.2 billion Facebook user records – potentially the largest social media breach in history – and is now selling the trove on the dark web.
The stolen data reportedly includes names, user IDs, email addresses, phone numbers, birth dates, gender details and location information (city, state and country). However, Meta, the parent company of Facebook, insists the data is old, originating from the 2021 breach and that ByteBreaker is falsely repackaging it as new.
ByteBreaker claims to have exploited a Facebook API (Application Programming Interface) – a tool designed to let apps access user data – to scrape information at an unprecedented scale. To prove legitimacy, ByteBreaker shared a sample of 100,000 records on the dark web.
However, researchers at Hackread and Cybernews found that some entries matched the 2021 breach, raising doubts about the hacker’s claims. Adding to skepticism, ByteBreaker advertised the data as “1.2 billion records stored in 200 million rows.” In databases, each row typically represents one user’s full data, meaning 1.2 billion records should require 1.2 billion rows– not 200 million.
“This is from 2021, so it’s not a new claim. We disclosed this years ago and have taken steps to prevent similar incidents from happening,” Meta stated on May 22. ByteBreaker’s claims are alarming, but experts believe this may be a dark web marketing ploy – repackaging old data to sell to unsuspecting buyers.
But despite their skepticism, Meta still urged Facebook users to change Facebook passwords, enable two-factor authentication, freeze credit reports (to prevent identity theft), monitor bank accounts for fraud and update passwords on linked accounts.
LinkedIn also experienced a massive data breach in 2021
If verified, this would surpass previous breaches, including the 700 million-user leak of Microsoft-owned LinkedIn in 2021 – nearly 92 percent of the platform’s 756 million user base.
The breach was uncovered on June 22 that year when the hacker advertised the stolen data for sale on a dark web forum. To prove its authenticity, the hacker released a sample of one million records, which cybersecurity experts confirmed contained real and up-to-date user information. (Related: Massive DATA BREACH exposes personal data of 700 million users of Microsoft-owned LinkedIn.)
The exposed data includes email addresses, full names, phone numbers, physical addresses, geolocation records, LinkedIn usernames and profile URLs, professional and personal background details, genders, connected social media accounts and inferred salaries.
While passwords and financial records were not compromised, cybersecurity experts warn that the leaked information is still highly valuable to cybercriminals. Additionally, the stolen data could be exploited for identity theft, highly targeted phishing scams, social engineering attacks and account takeovers (using leaked emails/usernames to breach other platforms). Once personal data is exposed, victims have little recourse to reclaim their privacy.
This marks the second major breach LinkedIn has faced in 2022. In early April, data from 500 million users was scraped and leaked online. At the time, LinkedIn claimed the breach included publicly available information from multiple sources – not just its platform.
Visit Glitch.news for more stories like this.
Watch the following video to learn about the top 5 cybersecurity breaches of all time.
This video is from the Daily Videos channel on Brighteon.com.
More related stories:
Nate Cain: FBI ignored Konnech election data breach – Brighteon.TV.
Data breach in Indonesian COVID-19 tracking app exposes data of over 1 million people.
“Nearly all” AT&T customers hacked by data breach – now what?
Pizza Hut Australia HACKED! Data security breach exposes customers’ personal information.
Sources include:
Submit a correction >>
Tagged Under:
Big Tech, ByteBreaker, cyberattack, data breach, data privacy, Facebook, Glitch, hack, Meta Platforms, privacy, privacy watch, Social media, social media users, surveillance, tech giants, user data
This article may contain statements that reflect the opinion of the author
RECENT NEWS & ARTICLES
