Over the weekend, it was revealed that a major data breach had exposed personal information about Facebook users, including phone numbers, full names and dates of birth, and email addresses. Now there is a way to check whether your personal information has been compromised.
Although the Facebook data leak has only just been reported in the news, the data breach itself occurred much earlier, as security firm Hudson Rock explained on Twitter in January of this year. The company stated the year 2020. As a reminder, here is the message from the weekend:
The database, posted on a hacker forum, contains the personal information of hundreds of millions of Facebook users worldwide. The data, discovered on Saturday, has the potential to be used for a variety of crimes, including other hacks and social engineering. As Alon Gal, CTO of cybercrime research firm Hudson Rock, told Business Insider, the data included users' full names, as well as Facebook IDs, locations, birth dates, biographies, phone numbers and email addresses. A selection of records from the cache were verified using Facebook's password reset feature and found to be authentic.
Facebook itself confirmed has now confirmed the leak, but said that it actually occurred in 2019, not 2020. Now around 533 million users in 106 countries appear to be affected.
Facebook data leak: Is your personal data affected?
Like TNW reported, haveibeenpwned.com now has a copy of the data so users can check if their personal information was compromised. Here's how:
- Visit the website haveibeenpwned.com on one of your devices.
- Now enter your email address stored on Facebook in the [email or phone (international format)] field.
If your email address has been compromised, you will receive a warning. At this point, you should change your Facebook password and, if you haven't already done so, activate two-factor authentication. According to TNW, users can currently only check their email address. But the database is to be expanded soon, which should also make it possible to compare cell phone numbers. Be that as it may, there is currently another wave of spam SMS messages and emails going around. This is partly due to the Facebook data leak - but not exclusively. You should therefore generally ignore suspicious content. As always, it is advisable to use a password manager such as the iCloud keychain. In addition, you should activate two-factor authentication for every service. This prevents two of the most common forms of attack: dictionary attacks, in which the hacker tries out a large number of commonly used passwords, and testing login information from an attacked website on a number of other platforms. (Photo by Denys Prykhodov / Bigstockphoto)
Update from April 8, 2021:
From now on, phone numbers can be verified in addition to email addresses. In addition, users who prefer a German-language verification tool can https://www.experte.de/email-check carry out the self-check.
