How to check if your Facebook data was included in the 533 million account leak
Another day, another data breach.
Over the weekend, a threat actor published the data of over 533 million Facebook users onto a publicly available cybercrime forum. That data includes names, user IDs, phone numbers, and in some cases, emails, supposedly all from a breach back in 2019.
That date might be in question, as Alon Gal, CEO of security firm Hudson Rock, says that it was early 2020 when a “vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.” That database was then turned searchable by someone who created a Telegram bot that could query the database for “a low fee.” Yikes.
The Record also confirmed the data dumps, with user data being packaged on a per country basis, with 106 different packages. Those could be downloaded by anyone who purchased forum credits. Most records showed the phone number associated with Facebook, even if that number was private on their profile, which makes things more difficult to search. Some of the records also included the emails associated with the profiles, so you can search for that to see if your account is part of the breach.
Here’s how to check if your email was in the 500 million+ leaked Facebook accounts:
Head on over to haveibeenpwned.com
Put the email you use for your Facebook account into the search box
Click on pwned?
If your email was compromised in this Facebook data breach, you’ll get a suggestion to change your password and to enable two-factor authentication
The search will also tell you any other breaches your email was found in, with suggestions on which services to go change your password on.
Troy Hunt, the founder of haveibeenpwned, is also considering adding the leaked phone numbers to the search box, so you can search via your Facebook-associated phone number.
If your Facebook email is part of that breach, go change your password. Then go here, and check to see if that password has been found in any other breaches. Any services you use that password on should be the first things you go change, and it’s a good time to get yourself a password manager so you can use unique passwords for every account.
- Facebook’s slow reaction to 2020 election misinformation led to over 10 billion views of garbage
- Facebook apps play a crucial role in over half of child sex crimes online
- Parler is trying to get back on the App Store, but Apple ain’t about it
- Twitter has confirmed that its Clubhouse-like Spaces will also be available on desktop