The Customer

As the largest social media company on the planet, Facebook needs no introduction. The platform has over a billion users with at least half that number active every day. Facebook employs tens of thousands of people, globally, and in 2020, earned roughly 86 billion dollars in annual revenue.

The Problem

The market for the buying and purchasing of stolen accounts and databases is enormous. There is a major market for the sale of hacked or stolen social media accounts. Hackers are able to generate tens of thousands of dollars in revenue per week by selling access to hacked social media accounts, which they often advertise the sale of this data on the very platform whose customers they hacked!

In addition, unsecured public databases often leak sensitive data information, often containing identifiable social media information. In many cases, data leaked through unsecured public databases is also illegally by data scraping. In order to crack down on sites illegally collecting data on its users, Facebook needed a way to monitor public databases which contained Facebook user data in order to send the appropriate legal takedown notices.

The Solution

February, 2021, many news outlets reported “a coordinated takedown between Facebook and Instagram targeting account thieves”. Several of ARIA’s key modules were used to help provide the critical intelligence needed to facilitate this takedown. Stolen account shops, sellers, and resellers can be easily targeted and researched using ARIA’s advanced forums and marketplaces searches and watchlist features.

In addition, the targeting and coordinated takedown of servers leaking sensitive data Facebook user information was facilitated using ARIA’s ‘meta-search’ module, which crawls and tags metadata from public databases. Any data matching specific parameters was sent to Facebook’s internal incident response teams in order to begin the process of legally taking down any server or service illegally obtaining data on Facebook or Instagram users.