Update (06/04/2021 4.00 PM IST): HaveIBeenPwned has added a new search for phone numbers involved in this leak. You can use the same search box to search for your phone number with your country code as described below. You can find more details here.
Multiplereports over the weekend confirmed that an attacker published details — including names, user IDs, phone numbers, and emails — of more than 533 million Facebook users on a forum.
Alon Gal, CEO of security firm Hudson Rock, tweeted about the incident back in January, saying that the database came to the fore when a Telegram user made a bot that let users query the database for a fee.
Catalin Cimpanu of The Record also independently reported that the database was available in 106 different country-wise packages. While these files are publicly available, you’ll need to buy forum credits to download them.
While most records had phone numbers attached to them, multiple email IDs were also exposed. You can use haveibeenpwned, a website that loads email IDs that were exposed in various breaches, to check if your ID was affected.
Here’s how you can do it:
- Head to haveibeenpwned.com on your phone or desktop.
- Enter your email ID.
- If your email was compromised, you’ll get a warning to change the password and enable two-factor authentication. You can also scroll down on the page to see all the breaches that may have included your credentials tied to the email address you entered.
The founder of the website is also considering loading the leaked phone numbers in the database. We’ll update the story if that happens.
It’s better to change your password as the first step. You can check here if any of your old passwords have been compromised — so you could avoid reusing them. Plus, you should start using a password manager if you’re not doing it already.
Facebook told The Record that this data dump originated from its 2019 breach, and the issue was fixed in August that year. Now that data is public, anyone could obtain it for a few bucks and target millions of individuals for spamming or doxxing.