How to find out if your data has been leaked from Facebook
You’ve probably already heard that there’s a huge data leak where 533 million Facebook users saw their data leak online. These are phone numbers, Facebook IDs, birthday dates and of course email addresses. The leak concerns users from 106 countries around the world, including Greece and, at least this time, was not done with the company’s consent. But the question first of all is whether we are among those whose personal data has been compromised.
First and easiest way of all is the site Have I Been Pwned which essentially a tracker of all data leaks known to date. All you have to do is follow the link and type your e-mail. There you will find if you are part of Facebook breach and many more leaks of your personal information that took place without your consent. I’ve already found two cases like this.
The creator of the site entered was thinking about whether to include in his search and phone numbers. On the scale, he put on one side the right of those who have violated their data to know it. On the other hand, of course, there were the huge risks.
Should the FB phone numbers be searchable in @haveibeenpwned? I’m thinking through the pros and cons in terms of the value it adds to impacted people versus the risk presented if it’s used to help resolve numbers to identities (you’d still need the source data to do that).
— Troy Hunt (@troyhunt) April 4, 2021
However, if you want to check if your phone is among what has been leaked, there is a tool on The News Each Day site where you put your phone to find out if it is part of the breach. This site however is not so well known, so until some time has passed it is probably better to catch a much better known site like the one mentioned above. In any case, Troy Hunt informed in a later tweet that he expected to upload the phone numbers that may have been leaked to Facebook.
If you find your e-mail, what do you do?
Some of the steps you can take are to change the codes of the sites you have an account on. Ideally use a password manager to make different accounts for each of them. Key is also you’d have two-factor authentication. For example, by connecting access to a site with approval from your mobile phone. And of course always be aware of what’s going on in the field.