On Saturday, media agencies reported that the personal data of half a billion, or more than 533 million Facebook users, have been breached and leaked onto a hacking website.
The leak was first reported by Insider. Hours after, Facebook spokesperson Andy Stone revealed to the same that hackers were able to scrape the data due to a software vulnerability in 2019 that Facebook had already patched.
“In 2019, we removed people’s ability to directly find others using their phone number across both Facebook and Instagram – a function that could be exploited using sophisticated software code, to imitate Facebook and provide a phone number to find which users it belonged to,” Stone explained.
Despite Facebook’s former solution – not to mention its palpable lack of action to notify those affected – that’s still a massive amount of data that it can’t rein back in. This includes sensitive information such as location, phone numbers, and e-mail addresses, all floating freely on the open net, ripe for the picking by any tech-savvy thief.
So how can you check if your data is part of the breach?
The simplest solution you can do is to check haveibeenpwned.com, a trusted third-party website that tracks data breaches.
Just input your e-mail address and the site will scour the entire 20GB database of leaked information to determine if yours was part of it.
As a development, Tony Hunt, the website’s creator, has also made it so that visitors can now input their mobile numbers to check their safety. This is due to the previous drawback of the site where it only combs through about 2.5 million email addresses in the leaked database, which is less than 1% of all people affected.
Plus, the leaked database primarily indexes phone numbers and not e-mail addresses, so there’s a chance that your data might not pop up back then.
Regardless of your search’s result, the massive data leak should be a good enough reason to double, if not triple, your guard over your social media accounts. Change your password regularly, don’t click on any shady links from Facebook, and implement two-factor authentication on your account ASAP.