Social media giant Facebook is back under the scanner, this time over a massive data breach that allegedly leaked personal information of around 533 million users online. This data includes critical information like profile names, Facebook ID numbers, email addresses and phone numbers.
“We believe the data in question was scraped from people’s Facebook profiles by malicious actors using our contact importer prior to September 2019. This feature was designed to help people easily find their friends to connect with on our services using their contact lists,” Mike Clark, Product Management Director at Facebook said in a blog post on April 6.
One of the most popular website that tracks internet data breaches is Have I Been Pwned. Follow this link and enter your email address or phone number. This will reveal not only if your data was breached under the Facebook hack but also any hack across the internet.
Troy Hunt, founder of this website was hesitant on adding the phone number search feature since it has a separate set of risks involved but ultimately decided to go forward with it.
Should the FB phone numbers be searchable in @haveibeenpwned? I’m thinking through the pros and cons in terms of the value it adds to impacted people versus the risk presented if it’s used to help resolve numbers to identities (you’d still need the source data to do that).
— Troy Hunt (@troyhunt) April 4, 2021
Another website that can be accessed to check if your phone number was exposed to any kind of compromise is The News Each Day. Here, you enter your phone number and within no time, you know if your contact information was part of any breach. The site generates random phone numbers that start with the same five digits as your number and sends 99 fake and 1 real number to the server in order to protect user privacy.
You should immediately change the passwords of compromised IDs, take the support of password managers and create unique passwords for different sites. Two-factor authentication is also a highly suggested measure to stay protected from raging security breaches online.
Facebook maintained that malicious actors obtained this data not through hacking their systems but by scraping it from the platform prior to September 2019.
According to a report in Business Insider, personal information of over 3.2 crore users in the US, 1.1 crore in the UK, and 60 lakh in India were exposed to scammers and phishers. Government data suggests India has 53 crore WhatsApp users, 41 crore Facebook users and 21 crore users of Instagram. This means 1.5% Indians are at the risk of Facebook security breach.
Security expert Alon Gal who is the CEO of Hudson Rock was the first to reveal the breach on Twitter.
In early 2020 a vulnerability that enabled seeing the phone number linked to every Facebook account was exploited, creating a database containing the information 533m users across all countries.
It was severely under-reported and today the database became much more worrisome 1/2 pic.twitter.com/ryQ5HuF1Cm
— Alon Gal (Under the Breach) (@UnderTheBreach) January 14, 2021
Download Money9 App for the latest updates on Personal Finance.