Hackers have sold personal data of a whopping 267 million Facebook users for just Rs 41,500 (approximately 500 Euros) that includes email addresses, names, Facebook IDs, dates of birth and phone numbers.
Thankfully, no passwords of the 267 million Facebook users were exposed by the hacker, according to the cyber risk assessment platform Cyble.
The Cyble researchers executed the sale and were able to download and verify the data.
"At this stage, we are not aware of how the data got leaked at the first instance. It might be due to a leakage in third-party API (Application Programming Interface) or scrapping," the company said in a statement.
Given the data contain sensitive details on the users, it might be used by cybercriminals for phishing and spamming, it warned.
In December last year, reports surfaced that a database containing names and phone numbers of more than 267 million users was exposed online.
The database was made available for download on an online hacker forum, according to a blog post on the website Comparitech.
A Facebook spokesperson had said at that point of time that "we are looking into this issue, but believe this is likely information obtained before changes we made in the past few years to better protect people's information".
The Cyble researchers recommended users to tighten their privacy settings on their Facebook profiles, and be cautious of unsolicited emails and text messages.
"We are currently indexing the data at our darkweb monitoring platform, and retail users can access it via AmIbreached.com," the company informed.
Facebook faced intense scrutiny after personal data of 87 million users were harvested by UK-based political consulting firm Cambridge Analytica. The Federal Trade Commission (FTC) slapped Facebook with a $5 billion fine as a result of the breach.