facebook security data breach passwords dark web

Facebook Buys Exposed Passwords From the Dark Web

Facebook, the largest social media platform, had a security breach which Facebook credentials were stolen.  The leaked data was found on the Dark Web!

The Dark Web

Plenty of goods can be bought on the Dark Web.  Drugs, hitmen, identities, credit card information.  Facebook’s stolen data was amongst the various items for sale.

Facebook bought the leaked information that was for sale on different Dark Web markets.

Stronger Passwords

Facebook cross-referenced these newly purchased passwords with the appropriate user, advising them to reset their password to something stronger to ensure their account’s safety.

According to Facebook’s Chief of Security, Alex Stamos, states that the major threat to the safety of user accounts are weak passwords and reusing the same password for multiple accounts.

Cross-Referencing Passwords

To find the account of the password to which it belongs to, the Facebook security team converted the plaintext passwords to a one-way hashing code.  The code is then compared to hashes that Facebook already has stored.

From there, if the two hashes are a match, Facebook identifies the user and sends them a request to update their password to enhance account security.

Facebook and Security

Many people are concerned that Facebook purchased stolen credentials from hackers from the Dark Web, which may promote cybercriminal activity.  Facebook will just pay off hackers to return stolen passwords as Facebook is concerned about the security of their users’ accounts.

Facebook has additional security measures in place such as two-factor authentication, which users will need a code as well as a password to access their account.  A new feature for account recovery is by having a close friend to help verify the user’s recovery request.