As reported by Verge, the compromised data also include Facebook IDs, full names, locations, birthdates, bios, and even email addresses in some cases. This is prime ground for hackers out to commit identity fraud.
So, how could you be sure if your personal details was part of the breach? You’ve come to the right place.
Facebook breach: What you need to know
Troy Hunt, the mastermind behind Have I Been Pwned. Hunt’s website allows you to check if and where your email address or phone number has been leaked online. When the breach first made headlines, Hunt said:
“I’m looking into it and yes if it’s legit and suitable for @haveibeenpwned. It’ll be searchable there shortly”.
He then added that “on closer inspection, all the files names are Italian. So Norway (“Norvegia”) is there as is Sweden (“Svezia”) and Denmark (“Dinamarca”)”.
Massive leak spanning ‘various places’
Hunt explained that he found “a lot of friends from various places who’ve confirmed their exposed data”, and also explained the impact for the massive Facebook breach:
“For a targeted attack where you know someone’s name and country, it’s great for mobile phone lookup. Much harder to do en masse as there’s no reliable key; I couldn’t take a big list of emails and resolve them to phone numbers as email is rare in the data.”
Furthermore, the breach is “gold” for spam-based activities. He said it goes further than just SMS-based spam, as there are “heaps of services that just require a phone number these days
“Now there [are] hundreds of millions of them conveniently categorised by country with nice mail merge fields like name and gender”.
How to check if your details were leaked
When falling victim to an entertainment data breach, the first step is to confirm whether your information was compromised. That’s were Troy Hunt’s website comes in handy.
It’s super easy to check: simply type your email address in the search bar and all will be revealed. The site also offers suggestions on how to secure your data in future.
The email address I use to sign up to sites and services online – which is not my personal or work email, just a collection for junk mail because this isn’t my first rodeo – have been “pwned” 13 times.
While my details weren’t included in the Facebook breach, the site informed me of several other culprits, such as Adobe, Canva, Disqus, Mashable, and Patreon.
How to secure your data
You could potentially protect yourself by using services such as 1Password or LastPass to generate and save strong passwords. Don’t use the same password on multiple sites.
In addition, you should also really activate 2-Factor Authentication. I’ve personally been the victim of a PSN hack and I cannot stress enough how important it is to have two-factor authentication activated.
One really good way is to get a password manager that stores all your unique passwords so you only have to remember one (for the password manager website).
It’s also vital to stay proactive after a data breach and monitor your accounts for suspicious activity.
Now read: Here’s how to prevent people and apps from stealing your data