The phone numbers of more than 500 million Facebook users were stolen and then posted on the web. You are probably wondering if your mobile number is in this list. You will find in this guide a solution to see if your personal data has been made public on the internet.
What information was stolen?
The Facebook platform was the victim of a large-scale attack during the year 2019. The data stolen by cybercriminals have just reappeared on the net, in recent days, in plain view.
This is not the first time that the social network has been the victim of this type of attack. We all remember the Cambridge Analytica case and the data hacking of 80 million users. But what is amazing about this attack is the number of people affected and the fact that the information was posted online.
The stolen data concerns more than half a billion users (533 million) in 106 different countries. In France, nearly 20 million users have been affected by this attack. Personal information stolen includes phone number, Facebook ID, full name, place of residence, date of birth and in some cases email address.
Facebook says the flaw responsible for the massive data breach has since been corrected. However, the stolen data could be used by crooks for robocalls, spam campaigns or phishing operations (Phishing).
Check if your personal data has been exposed
The telephone numbers but also the birthdays and the full names of 533 million users have been circulating freely on the web for several weeks. Anyone can get their hands on it.
The worst part about all of this is that you don’t really know if you have been the victim of this leak. With nearly 20 million French users affected out of the forty Facebook accounts, you have about a one in two chance of having your account hacked.
You are probably wondering if your mobile number is not circulating on the web. Security analyst Troy Hunt, editor of the reference site Have I Been Pwned, allows anyone to check if their Facebook profile is affected by this hack. Here is how to do it.
- Open your favorite web browser
- Enter the URL of the site in the search bar https://haveibeenpwned.com/
- In the search field, enter your phone number in international format
- You must replace the 0 by +33
- Press the pwned button? to start the search
The site will then tell you if your number is part of the leak. If so, be aware that malicious people could use this data to launch scam attempts. So pay close attention to the SMS or emails you will receive in the coming months.