leaksear.ch has indexed a Facebook breach dataset containing 77,712 records, dated August 1, 2019, with country, date of birth, email address, name, phone number, and username available as searchable fields (leaksear.ch metadata). The source metadata links the dataset to public reporting on Facebook's 2019 scraping incident (leaksear.ch metadata). Meta later said that incident involved abuse of its contact importer rather than a direct hack of Facebook systems (about.fb.com, www.wired.com).
What happened
Public reporting in April 2021 described a larger Facebook corpus posted on a hacking forum: Business Insider reported more than 533 million users from 106 countries, and BleepingComputer reported 533,313,128 records with mobile numbers, Facebook IDs, names, gender, location, and other profile data (www.businessinsider.com, www.bleepingcomputer.com). Have I Been Pwned lists the broader Facebook incident at 509 million affected accounts, with an August 2019 breach date and an April 4, 2021 add date (haveibeenpwned.com).
Meta's own April 6, 2021 post said malicious actors got the data by scraping profiles before September 2019 using the contact importer, not by hacking Facebook systems. Meta also said the data did not include financial information, health information, or passwords (about.fb.com). WIRED reported that Facebook had patched the underlying contact-importer issue in 2019, while also noting uncertainty around how often it was exploited before the change (www.wired.com).
The 77,712-record leaksear.ch source should be read as the indexed dataset described in the metadata, not as the total scale of the public Facebook incident (leaksear.ch metadata). Public breach trackers and reporting put the broader incident in the hundreds of millions of accounts (haveibeenpwned.com, www.businessinsider.com).
What data was exposed
According to leaksear.ch metadata, searchable fields in this source are country, date of birth, email address, name, phone number, and username (leaksear.ch metadata). Additional stored context includes gender, hometown, and location, along with parser and source-file metadata, but those additional fields are not listed as searchable pivots (leaksear.ch metadata).
Those fields overlap with public descriptions of the broader incident: Have I Been Pwned lists dates of birth, email addresses, genders, geographic locations, names, and phone numbers among compromised data, while BleepingComputer reported that almost every sample it viewed contained a mobile number, Facebook ID, name, and gender (haveibeenpwned.com, www.bleepingcomputer.com). Meta said the scraped data did not include passwords, financial information, or health information (about.fb.com).
Why this matters
The practical risk is linkage: phone numbers, names, dates of birth, locations, and usernames can help attackers make phishing, smishing, account-recovery, and impersonation attempts look credible. BleepingComputer specifically warned that email addresses and mobile numbers can be used for phishing and smishing, and that phone-number exposure can support SIM-swap targeting (www.bleepingcomputer.com).
For security teams, matches in this dataset should be treated as exposure indicators for employees, VIPs, or customers who may receive targeted lures referencing Facebook profile details. Individuals who find themselves in this leak should be cautious with unexpected calls, texts, and emails that cite old profile information or ask them to reset passwords, share codes, or click links.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include country, date of birth, email, name, phone, and username.
Sources
- Have I Been Pwned: Facebook Data Breach
- Meta: The Facts on News Reports About Facebook Data
- WIRED: What Really Caused Facebook's 500M-User Data Leak?
- Business Insider: 533 million Facebook users' phone numbers and personal data have been leaked online
- BleepingComputer: 533 million Facebook users’ phone numbers leaked on hacker forum