The latest data incident from Facebook in April saw over 500 million users affected around the globe, with details such as phone numbers, email addresses, and more leaked online.
The Facebook data leak dates back to a 2019 incident, according to Facebook. However, in April 2021, the records were made freely available to download.
No ad to show here.
This means that even if you have deleted your account since 2019, you could still be affected by the breach.
User details compromised in the breach include names, genders, dates of birth, location, employers, relationship statuses, phone numbers, and email addresses.
However, what makes this data leak different from others is the volume of phone numbers linked to users’ identities.
As the creator of the Have I Been Pwned website Troy Hunt notes, the data leaked online included over 500 million phone numbers but only around 2.5 million email addresses.
“There’s over 500M phone numbers but only a few million email addresses so [more than] 99% of people were getting a ‘miss’ when they should have gotten a ‘hit’,” Hunt said in a blog post.
As a result, he has updated the website to allow users to search for leaked phone numbers. Before, you could only search for leaked email addresses or leaked passwords.
How to check if your number was in the Facebook data leak
To check if your number was leaked, visit the HaveIBeenPwned website.
There you will see the main search bar where you enter your email or phone number.
You will need to enter your phone number in the international format.
This means it needs to include the country code. For South Africa, the country code is 27.
You will then need to remove the “0” from your area code or mobile provider code, and add the rest of your number to the country code.
For example, if your cell number is “073 123 4567”, the international format would be “27 73 123 4567”.
Similarly, if your landline was “021 123 4567”, the international format would be “27 21 123 4567”.
Once you enter your number and press “Enter” or click the “pwned?” button, the site will notify you as to whether your number was included in the breach.
What to do if your data was breached
So what should you do if it turns out that your account data was leaked?
Firstly, you should set up two-factor authentication (2FA) for any Facebook, Instagram, and WhatsApp accounts that are associated with the compromised number.
You can also change the email address and remove the number associated with these accounts to prevent hackers from bypassing 2FA to access your account.
You should also be wary of phone calls from unknown sources, as scammers may use your number to target you. Scammers may also attempt to lure you into phishing scams using details included in the leak.
If you want to be extra cautious, you could always change your phone number.
Feature image: Solen Feyissa on Unsplash
Read more: 42% of South Africans pay ransomware demands – study
