A little less than a year ago we learned of Facebook’s penultimate data breach, and it is that recently a leak was published online with the personal data of 533 million Facebook users in 106 countries, including full names, phone numbers, dates of birth, email addresses, and even physical locations, among other information.
Although it is not a new leak, but a security breach, part of a vulnerability that Facebook corrected already in August 2019, it seems that this data has begun to be much more accessible within the web. And it is that although in these two years it is possible that many users have modified some of that data, there is still a great bulk whose information would continue to be exposed.
Luckily this week some of these data found have been added to the website Have I Been Pwned, known repository to check if we have been victims of any online leak. In fact, Troy Hunt himself, creator and main operator of this site and regional director of Microsoft in Australia, groped Twitter users on whether to add, in addition to the already present search by email address, a new option to find and find out if our phone numbers have been unlawfully shared.
A function that today confirmed it is already available, and that has prompted us to create this little tutorial.
You can now search @haveibeenpwned for phone numbers in the Facebook data. Here’s why, and how it works: https://t.co/xUnMTE26Ms
– Troy Hunt (@troyhunt) April 6, 2021
How to know if I have been hacked
The operation of Have I Been Pwned is very simple and intuitive, meeting with a little search bar as soon as you access the website. So, starting today, in this same box we can write any of our email addresses or phone numbers that we believe may have been victims of this or any other leak, and press the button “Pwned?”.
In the event that we have managed to keep our data safe, it will be displayed a small green curtain. On the other hand, in the event that we see a red drop down, it will mean that the number or email entered has been hacked.
Although we can scroll to find out which platform or company has been related to the leak, helping us to slightly focus the possible compromised data, it is worth mentioning that this website is not able to help us prevent this data from remaining available in the width of net.
That said, it would be best to change all of our credentials related to these leaks, in addition to updating the rest of the platforms or websites in the event that we use a duplicate password or that we believe is compromised.