Several users whose messages were published confirmed to the BBC that the messages were legitimate, although basic data from the 176,000 accounts could feasibly have been acquired without hacking the accounts.
Upon further investigation, BBC Russian Service contacted five users whose private messages were leaked online and was able to verify the posts' authenticity.
The social network is also working with local authorities to remove the website where the sample data was posted.
Charlie Nash is a reporter for Breitbart Tech.
Last month in October, cyber attackers stole data from 29 million Facebook accounts using an automated programme that moved from one friend to the next. But as you'd expect, there are also more sensitive discussions, including "intimate correspondence between two lovers", as the BBC describes it.
Facebook, however, said its systems were not breached as part of the hack.
The big picture: The latest security breach involving Facebook may not be the company's fault. But the stolen private messages sure look legit.
The embattled network has had a bad year for data security and questions will be asked about whether it is proactive enough in responding to situations like this that affect large numbers of people. The breach forced millions of Facebook's users across the globe to log out of their accounts as the company "reset the access tokens of the nearly 50 million accounts that were affected to protect their security".
The breach was first discovered in September.
Once started, it would connect to a variety of Facebook URLs and steal information from them.
The BBC said there was reason to believe the 120 million claim was exaggerated.
John Smith did not explain why he had not advertised his services more widely.
Facebook is under the microscope ever since the Cambridge Analytica scandal came to light and the social networking platform is trying to deal with every situation carefully.