There are records for more than 32 million accounts in the United States, 11 million in the United Kingdom, and 6 million in India, according to Alon Gal, the technical director of cyber intelligence firm Hudson Rock.
The personal information of roughly 500 million Facebook users, including their phone numbers, has been posted on a website used by hackers, cybersecurity experts say.
There are records of more than 32 million accounts in the United States, 11 million in the United Kingdom, and 6 million in India, according to Alon Gal, chief technology officer at cyber intelligence firm Hudson Rock.
In some cases, the details include full name, location, date of birth, email addresses, phone number, and relationship status, he said.
MORE: Facebook Introduces New Features to Help People Find Covid-19 Vaccines
Hudson Rock showed CNN Business the phone numbers of two of our team members that are included in the database.
The leak was initially reported by the news website Insider.
"This is old data that was previously reported in 2019. We found and fixed this issue in August 2019," Facebook spokesman Andy Stone told CNN on Saturday.
Facebook did not mention whether it notified affected users at the time.
"In 2019, we removed the ability for people to directly find other people using their phone number on both Facebook and Instagram, a feature that could be exploited using sophisticated software code, to mimic Facebook and provide a phone number. Phone to find out which users it belonged to," Stone added.
MORE: Facebook: Study Analyzes Disinformation in Political Left and Right Accounts
Although this data is from 2019, it could still be valuable to hackers and cybercriminals, such as those who are dedicated to identity theft.
Hudson Rock's Alon Gal noted on Twitter that the way the data was sorted and published on the hacking site this week makes it much more accessible for criminals to exploit.
Rachel Tobac, the ethical hacker and CEO of SocialProof Security, told CNN: "This is the data that cybercriminals are looking for to carry out social engineering attacks (a type of hacking), but now it's all in one place and easily accessible. In this leak, which makes social engineering faster and easier.