How to check if your Facebook account was among the 533 million breached

How to check if your Facebook account was among the 533 million breached

Personal information of 533 million Facebook users is now freely available after a database containing the information was put on a low-level hacking forum for free. The database contains full names, email addresses, phone numbers, birthdays, and locations.

The data leak originally occurred in late 2019/early 2020 after malicious actors exploited a vulnerability that allowed one to see the phone number linked to a Facebook account. While the vulnerability was patched by Facebook soon after, information of 533 million Facebook accounts was still stolen. The database contains personal data of users from 106 countries (a full list of affected users by country can be found here).

The breach was newly reported on Saturday when a user posted the database on a low-level hacking forum for free. Insider, who first broke the story, reviewed a sample of the data, which allowed them to verify the legitimacy of the data. The posted data indeed contains information of 533 million Facebook accounts.

As we already said, the database itself is not new. However, the reason it made headlines all over the world is because it’s offered for free. Previously, gaining access to the data required payment. Alon Gal revealed in January this year that a Telegram bot was created to allow people to query the database containing the 533 million Facebook account details for a small fee. On April 3, he revealed that the database is now available for free.

Details include:

Phone number, Facebook ID, Full name, Location, Past Location, Birthdate, (Sometimes) Email Address, Account Creation Date, Relationship Status, Bio.

Bad actors will certainly use the information for social engineering, scamming, hacking and marketing.

– Alon Gal (Under the Breach) (@UnderTheBreach) April 3, 2021

How to check whether your Facebook account was part of the 533 million

While the social media giant appeared to downplay the data leak by claiming it involved “old” data, this incident renewed concerns over how Facebook handles user data. The numerous incidents involving leaked user data are certainly affecting users’ trust in the company. The data being a couple of years old also does not change the fact that those part of the breach are now at increased risk of becoming targets of social engineering, phishing, and hacking attacks. And since the data is offered for free at the moment, more malicious actors will be able to use it for their malicious purposes.

The database has been known for many months now, and because Facebook did not provide a tool for users to check whether their data is part of the breach then, it’s unlikely to provide one now. Users can, however, at least use outside sources to check whether their email address or phone number has been leaked.

Users can check whether their email address was part of the database on haveibeenpwned. However, it should be mentioned that only 2.5 million records contained email addresses, so it’s not an indication that a user is not part of the data breach if their email does not appear. The same site now allows users to put in their phone numbers to check whether they were ever leaked.

For users whose information is confirmed to be part of the now freely available database, it’s recommended to change their Facebook passwords and enable two-factor authentication. For two-factor authentication, a safer option is to use an app rather than authentication via SMS. Users should also be on high alert as they may be targeted in various scams.

Site Disclaimer

WiperSoft.com is not sponsored, affiliated, linked to or owned by malware developers or distributors that are referred to in this article. The article does NOT endorse or promote malicious programs. The intention behind it is to present useful information that will help users to detect and eliminate malware from their computer by using WiperSoft and/or the manual removal guide.

The article should only be used for educational purposes. If you follow the instructions provided in the article, you agree to be bound by this disclaimer. We do not guarantee that the article will aid you in completely removing the malware from your PC. Malicious programs are constantly developing, which is why it is not always easy or possible to clean the computer by using only the manual removal guide.

Leave a comment

Your email address will not be published.