Facebook Marketplace accounts leaked online — thousands of users possibly affected, so secure your account now

(Image credit: Shutterstock/PixieMe)

Hundreds of thousands of Facebook Marketplace users have had their personal information stolen and posted on a dark web forum, putting them at serious risk of phishing, identity theft, and other cybercrime.

According to a BleepingComputer report, a known data leaker with the alias IntelBroker posted a new thread on an underground forum, with 200,000 Facebook Marketplace records. The records contained people’s names, phone numbers, email addresses, Facebook IDs, and Facebook profile information.

The hacker claims this is a partial Marketplace database, stolen by a different threat actor, with the Discord alias “algoatson”. This person allegedly breached the systems of a Meta contractor late last year. "In October 2023, a cyber criminal by the name of 'algoatson' on Discord, breached a contractor that manages cloud services for Facebook and stole its partial user database of 200,000 entries," IntelBroker allegedly said in the forum thread.

The publication said that at least some of the data is valid, as it took a random sampling and successfully matched email addresses and phone number information.

What can hackers do with your data?

IntelBroker is a known leaker, who has a long track record of leaks from major companies. Before Meta, IntelBroker was seen sharing sensitive data from DC Health Link, Hewlett Packard Enterprise (HPE), General Electric Aviation, Weee!, and others.

Information such as this one is a true treasure trove for hackers around the world. By knowing the details about people’s personal lives, they can craft convincing phishing attacks, breaking into their computers and smartphones, and possibly even stealing money and cryptocurrencies. They can also target businesses, deploying different malware and ransomware, and engaging in devastating Business Email Compromise (BEC) attacks.

Companies that suffer data leaks often offer affected individuals identity theft protection services for free.

Meta is yet to formally comment on the incident.

More from TechRadar Pro

Facebook under investigation following massive data breach
Here's a list of the best firewalls around today
These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.