Multiple reports over the weekend confirmed that an attacker published details — including names, user IDs, phone numbers, and emails — of more than 533 million Facebook users on a forum. Catalin Cimpanu of The Record also independently reported that the database was available in 106 different country-wise packages.
While most records had phone numbers attached to them, multiple email IDs were also exposed. You can use haveibeenpwned, a website that exhibits email IDs exposed in various breaches to check if your ID was affected; reports The Next Web.
Here’s what you need to do:
- Head to haveibeenpwned.com on your phone or desktop.
- Enter your email ID.
- If your email were compromised, you’d get a warning to change the password and enable two-factor authentication. You can also scroll down on the page to see all the breaches that may have included your credentials tied to the email address you entered.
Alon Gal, CTO of a cybercrime intelligence firm Hudson Rock, stated the following to Business Insider:
“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts.”
Facebook has said that this data dump originated from its 2019 breach, and the issue was fixed in August that year. Now that data is public; anyone could obtain it for a few bucks and target millions of individuals for spamming or doxxing.
Source: The Next Web