When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. Our Privacy Notice explains more about how we use your data, and your rights. You can unsubscribe at any time.
Facebook users can now check whether their personal details – including names, phone numbers, gender, relationship status, current location, occupation, date of birth and email addresses – were included in the devastating leak shared online earlier this week. The personal information of more than 530 million Facebook users was discovered in the collection of stolen data, which was collected back in 2019. For context, 530 million is roughly 20 percent of Facebook’s entire subscriber base.
Although the information was stolen from Facebook last year, it was sold privately between hackers online. While the stolen records weren’t available publicly at the time, cyber thieves were seemingly using the personal information to try to break into users’ accounts, steal payment details, and more. Over time, a treasure trove of this scale is traded between criminals multiple times and begins to lose its value as it changes hands time and time again.
And now, more than two years after it was initially stolen and sold to the highest bidder, the records have been shared online for anyone to see. Given that most of us keep the same mobile number and email address for many years, it’s a little worrying that so much personal information is now available publicly.
Fortunately, Have I Been Pwned is now using the stolen data published for free on the hackers forum to enable Facebook users to check whether their records were included in the large-scale breach back in 2019. Have I Been Pwned, created by renown security researcher Troy Hunt, is usually a way to find out whether your password has been included in a leak online. Entering the password will search publicly-available stashes of stolen passwords. If your details have been nabbed by hackers, you’ll need to change them.
People who use the same email address-password combination for multiple online accounts are at a higher risk, since criminals can use the stolen login credentials from one website to login to another – allowing them access to your email, social media, or worst of all, online banking portal.
MORE LIKE THIS
Facebook warning: Why you might soon be forced to change your login
Have I Been Pwned is now updated to allow users to search for both email addresses and phone numbers stolen in the latest breach.
When searching for phone numbers, you’ll need to include the country code for your current location – as that is how the hackers have stored the stolen data leak. So, if you have a mobile number in the United States, you’ll need to start your number with the country code of 1. Those in the United Kingdom will need to use +44, before dropping the first 0 of their number – exactly as if they were dialling the number from abroad.
Since more than 500 million phone numbers were stolen, but only a few million email addresses, it’s worth searching for both on Have I Been Pwned. After all, just because your email address leaked does not mean your phone number did too, and vice versa.
Portal from Facebook: Holly Willoughby appears in advert
If you were one of the unlucky ones and your data was exposed in the leak, you need to be on high alert for phishing emails or text message attacks that attempt to steal more data.
These can include fraudulent links to try to trick you by asking for you to login to a well-known service – Netflix, Apple ID, or a Google Account, for example – or creating a reason for you to input payment details – an unforeseen charge for a missed delivery from the Post Office, to claim a free month of Netflix, and more.
As always, if you think you have been the victim of a cyber attack, read Express.co.uk’s guide to the next steps to take here.
Source: Read Full Article