Flood Watch
from FRI 11:00 AM MST until SAT 11:00 PM MST, Yavapai County Mountains, Little Colorado River Valley in Coconino County, Little Colorado River Valley in Navajo County, Little Colorado River Valley in Apache County, Eastern Mogollon Rim, White Mountains, Northern Gila County, Yavapai County Valleys and Basins, Oak Creek and Sycamore Canyons, Western Pima County including Ajo/Organ Pipe Cactus National Monument, Tohono O'odham Nation including Sells, Upper Santa Cruz River and Altar Valleys including Nogales, Tucson Metro Area including Tucson/Green Valley/Marana/Vail, South Central Pinal County including Eloy/Picacho Peak State Park, Southeast Pinal County including Kearny/Mammoth/Oracle, Upper San Pedro River Valley including Sierra Vista/Benson, Eastern Cochise County below 5000 ft including Douglas/Wilcox, Upper Gila River and Aravaipa Valleys including Clifton/Safford, White Mountains of Graham and Greenlee Counties including Hannagan Meadow, Galiuro and Pinaleno Mountains including Mount Graham, Chiricahua Mountains including Chiricahua National Monument, Dragoon/Mule/Huachuca and Santa Rita Mountains including Bisbee/Canelo Hills/Madera Canyon, Santa Catalina and Rincon Mountains including Mount Lemmon/Summerhaven, Baboquivari Mountains including Kitt Peak, Kofa, Central La Paz, Aguila Valley, Southeast Yuma County, Gila River Valley, Northwest Valley, Tonopah Desert, Gila Bend, Buckeye/Avondale, Cave Creek/New River, Deer Valley, Central Phoenix, North Phoenix/Glendale, New River Mesa, Scottsdale/Paradise Valley, Rio Verde/Salt River, East Valley, Fountain Hills/East Mesa, South Mountain/Ahwatukee, Southeast Valley/Queen Creek, Superior, Northwest Pinal County, West Pinal County, Apache Junction/Gold Canyon, Tonto Basin, Mazatzal Mountains, Pinal/Superstition Mountains, Sonoran Desert Natl Monument, San Carlos, Dripping Springs, Globe/Miami, Southeast Gila County

Data on 267 million Facebook users exposed: Researcher

(Facebook)

A Ukrainian security researcher reported finding a database with the names, phone numbers and unique user IDs of more than 267 million Facebook users - nearly all U.S.-based - on the open internet. That data was likely harvested by criminals, said researcher Bob Diachenko, an independent security consultant in Kyiv.

The database, which Diachenko discovered with a search engine, was freely accessible online for at least 10 days beginning Dec. 4, he said. He notified the internet provider where it was hosted when he found it on Dec. 14; five days later it was no longer available.

Diachenko said someone downloaded the database to a hacker forum two days before he discovered it so it may have been shared among online thieves.

He first reported the finding Thursday in partnership with the U.K. tech news website Comparitech, which editor Paul Bischoff said has been helping write up Diachenko's discoveries of unsecured databases for about a year.

The researcher provided the AP with a 10-record sample from the database and the IDs - and two phone numbers that were answered - checked out against real Facebook users.

The evidence suggests the data was collected illegally, most likely by criminals in Vietnam who may have “scraped” it from public Facebook pages or by somehow obtaining privileged access to the service. Scraping is automated data-harvesting done by bots. A small fraction of the database include details on Vietnam-based users.

Diachenko said he did not share the database with Facebook, which did not directly confirm the finding. In a statement, the social network said it was investigating the issue and that the finding “likely” involved information obtained before Facebook took unspecified data-protection measures in recent years.


RELATED COVERAGE:


In 2018, the social media giant disabled a feature that allowed users to search for one another via phone number following revelations that the political firm Cambridge Analytica had accessed information on up to 87 million Facebook users without their knowledge or consent.

Diachenko said he had not determined when the data was collected. He said all the records had time stamps from January to June 2019 but that it was unclear who generated them.

Security experts say the affected Facebook users are at higher risk of being targeted by spam, password-stealing phishing attacks and identity theft attempts. The information can be cross-referenced with physical and email addresses and other data obtained in other data breaches. Facebook user IDs are unique numbers associated with individual accounts.

In September, the news site TechCrunch reported that Facebook IDs and phone numbers for more than 400 million users were similarly found exposed online by a researcher.

In March, Facebook disclosed that it had left hundreds of millions of user passwords readable by its employees on internal severs for years after a security researcher exposed the lapse.

___

For the latest local news, sports and weather, download the FOX 29 News app.

DOWNLOAD: FOX 29 NEWS APP