Facebook denies that “Hannibal” has hacked Arabs’ Facebook accounts

In a series of posts on Pastebin, a hacker who calls himself “Hannibal” (for Hannibal Lecter), has dumped thousands of e-mail addresses and plain-text passwords that he claims are from Arabs’ Facebook accounts. Yesterday, he posted  20,000.  Today, he posted 30,000 more.

I contacted Facebook for a statement on the allegations that they have been hacked. In response, a spokesperson provided the following statement to DataBreaches.net:

This does not represent a hack of Facebook or anyone’s Facebook profiles.We have spent time investigating the information and have determined fewer than a third of the credentials were valid and almost half weren’t associated with Facebook accounts.

Additionally, we have built robust internal systems that validate every single login to our site, regardless if the password is correct or not, to check for malicious activity. By analyzing every single login to the site we have added a layer of security that protects our users from threats both known and unknown. Beyond our engineering teams that build tools to block malicious activity, we also have a dedicated enforcement team that seeks to identify those responsible for threats and works with out legal team to ensure appropriate consequences follow.

People can protect themselves by never clicking on strange links and reporting any suspicious activity they encounter on Facebook. We encourage our users to become fans of the Facebook Security Page (www.facebook.com/security (<http://www.facebook.com/security>) for additional security information.

Hannibal did not respond to an e-mail request sent by this site last night inviting him o respond to Facebook’s denial or to provide proof that Facebook was actually hacked.  If he does provide a statement, I will update this entry.

About the author: Dissent