A few days back, all hell broke loose when, due to a past vulnerability of Facebook, personal information belonging to a whopping 553 million users surfaced online.
The leak consisting of Facebook IDs, names, location, relationship status, etc., was segmented country-wise and then made freely available for download in a low-level hacking forum.
After the breach, Facebook, in a blog post on Tuesday, said that the mass data collection took place in 2019 due to a vulnerability in their platform.
According to the social media behemoth, there existed a functionality issue in the platform’s contact importer prior to September 2019 that allowed individuals to imitate the Facebook app and upload large sets of phone numbers to see which are the ones that matched to Facebook users. From thereon, threat actors queried a set of user profiles and obtained a limited set of information from public Facebook profiles.
While the scrapped data didn’t include user credentials, it still included other vital personal information. And moreover, when considered the data range, 2019-2021 is not a very long period. Thus much of the revealed information can still be valuable to threat actors who might use it for social engineering and phishing attacks.
How To Find Out If Your Facebook Data Leaked?
So, how do you find out if your information was included in the breach as well? It is quite easy.
Simply head over to ‘Have I been Pwned’, a search engine service offered by Troy Hunt, a security expert.
As and when data leaks occur, the data dumps are added to the search engine so that the general public can type in their email address (in the international format) and check to see if their personal information has been published online or not.
Have I been Pawned has already added Facebook’s recent record data leak, and you will be able to check if your data has been compromised by entering your email or phone number.
Note here that only 2.5 million records from the leaked database contain an email address. Therefore, you are more likely to accurately determined if you were part of the breach or not by entering your phone number.
Your Information Was Breached, Now What?
Now, if you are one among the many unlucky Facebook users whose data was exposed, sadly, there exist no damage control measures. You must either change your discard the email address and phone number in use or be wary of potential online scams and fraudulent cold calls 24/7.
Going forward, as the price of an individual’s private data in an online space keeps climbing up, you must audit your social media profiles to determine what kind of data you have shared publicly. This will help you avoid similar incidents in the near future.
We will keep you updated on all future developments. Until then, stay tuned and stay safe.