In her opening remarks at a Senate subcommittee hearing with a Facebook whistle-blower on Tuesday, Senator Marsha Blackburn from Tennessee made a stunning allegation.
“News broke yesterday that the private data of over 1.5 billion — that’s right, 1.5 billion — Facebook users is being sold on a hacking forum,” Ms. Blackburn, the subcommittee’s ranking Republican member, said. “That’s its biggest data breach to date.”
The problem is that the breach that Ms. Blackburn referenced is largely unverified, and possibly fake. The claim comes from an anonymous account on a forum that, according to Vice, obtained access to the database from a supposed company called “X2Emails.” The anonymous post, from Sept. 22, promised “scraped” data on “more than 1.5b Database of Facebook” consisting of users’ email addresses, locations, phone numbers, and other identifying information.
Some news outlets reported on the breach as fact, but there is no proof yet of a hack. Aric Toler, a researcher with Bellingcat, an investigative journalism group, pointed out that someone claimed to have paid for the supposedly hacked information and found out that it was a scam.
“Maybe it’s real, but no reason to breathlessly report it like this,” he wrote.