It was found last week that, a vast trove of Facebook data has leaked into the public domain. The exposed information included account names, Facebook ID numbers, mailing addresses, and contact information from approximately 533 million Facebook users.
The data was published on a low-level hacking forum online for free. The Facebook data from 106 countries, included over 32 million user records in the United States, 11 million in the United Kingdom, and 6 million from India.
This data breach is worrisome because so many things are now linked to your personal facebook accounts. On the surface level this might be your name or address, but has the potential to be a lot more. Ever checked your Facebook or Instagram and seen an ad for a place you just walked by? That's because there are a number of applications that share your personal location data with Facebook to help with their own advertising. Facebook then leverages this with their algorithms for their own use.
What does that mean? That Facebook also has multiple points where they can track your movements. Which is ever more important than your name or address which can be found in other ways.
The combination of this information if in the wrong hands, unfortunately can be quite harmful.
In this case in particular, personal phone numbers of millions of people were taken and are being distributed across the web. Leveraging your number for their intent and attacks.
Is this New? Or a Repeat of the Past?
Some of you may remember this incident when back in 2019, more than half a billion Facebook accounts information became available for sale on the dark web. Facebook’s immediate reply was clearly that the data had been reported previously in 2019, and the corresponding flaw had been fixed in August of that year.
However, there are claims that this is a continuation of the previous issue that were never solved.
Facebook's response has been to shift blame from their own lack of security and place it on the users, by stating that the user should be aware of how they have their sharing settings set up for their own account.
How to check if you are a part of a Facebook data breach?
After this incident, many users will want to know if their information is part of the data breach. You can check Haveibeenpwned.com with your email or phone number to see if you were effected in this or possibly other breaches.
What are the Next Steps?
Make Sure you aren't Effected
Look for any strange emails or calls that you may have received recently
Such as signing up for something that you have no knowledge of
Change your password
We don't do this enough and it's a good idea to do regularly. If you have trouble remembering passwords, there are many secure password managers.
Thankfully, your location data wasn't apart of this breach. But that doesn't mean it won't be apart of the next one.
Adopt Faraday Sleeves for your Phones, Laptops, and Tablets. This cuts your phone off from the location services of any application that may be running in the background and pinging your cell tower.