At present, there is a high likelihood that your Facebook data has been hacked, sold, disclosed or generally misused by third parties. Now, at least in the case of the latest disturbing Facebook incident that made the news this weekend, there is a way to know with certainty.
On Tuesday, did I become Pwned?. A free resource for anyone to quickly assess whether they may have been placed at risk due to an online account being compromised. And said it had added to its searchable database the 533 million phone numbers of Facebook users that are exchanged around by hackers.
The site, run by data breach expert Troy Hunt, lets people input their phone number to check if they’re included in the scraped Facebook data set (which includes more than just phone numbers). If so, the site tells victims what they may have been exposed to and what measures they can take to protect themselves.
The main value of the data is the combination of phone numbers with identity. While each check-in included the phone, only 2.5 million contained an email address,” explains Have I Been Pwned? “. Most cases contained names and genders, including dates of birth, place of birth, marital status and employer.”
On Sunday, Facebook stated in a statement to Mashable that these are old data that were reported earlier in 2019. This problem was discovered and resolved in August 2019.”
The company also published a blog post on Tuesday, which explains that the relevant user data has been removed from its platform. “Scraping is a common tactic that often relies on automated software to lift public information from the internet that can end up being distributed in online forums like this,” read the statement in part.
Of course, not all the info included in this dataset that Bleeping Computer. A website about information security and technologies, reports include “the member’s mobile phone number, Facebook ID number, name, gender, location, relationship, profession, date of birth and email addresses could be considered “public”.
If you find that your Facebook data has been scratched by bad actors, you unfortunately can’t do much at this time. As Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, pointed out on Monday, one cannot really change things as birthdays and phone numbers often remain static for years.
Did I used to be Pwned? suggests general safety precautions that people should take when finding their data in a breach, such as:
Step 1 Protect yourself using 1Password to generate and save strong passwords for each website.
Step 2 Enable 2 factor authentication and store the codes inside your 1Password account.
Step 3 Subscribe to notifications for any other breaches. Then just change that unique password.