By now you’ve probably heard of the massive data breach on Facebook, where more than 533 million Facebook users from 106 countries leaked personal information online, including phone numbers, Facebook IDs, dates of birth – you name it.
Your first question, of course, is how to check if you are part of that breach. There are a number of places where you can find out if your data has been compromised.
A well-known site that keeps track of data breaches is Have I Been Pwned. Just follow the link to the site and enter your email address. You will find out not only if you were part of the Facebook breach, but also about other breaches where your data may have been compromised.
While at the time of writing you could only search using your email address, Troy Hunt, the creator of Have I Been Pwned, considered whether you would also search for a phone number:
Should the FB phone numbers be searchable in @haveibeenpwned? I̵7;m thinking about the pros and cons in terms of the value it adds to affected people versus the risk presented when used to resolve numbers into identities (you still need the source data to do that) .
– Troy Hunt (@troyhunt) April 4, 2021
If you want to compare your phone number with the leaked Facebook database, Gizmodo suggested a tool created by a site called The News Each Day, in which you enter your phone number to find out if it’s part of the breach. However, that site is not that well known, so until more is known about it, you may want to stick with the more trusted site listed above.
What if you find out that your data has been compromised? Some of the steps you can take include changing the passwords of compromised sites, using a password manager so that you can create and track unique passwords for each site (so that if one is compromised, it won’t affect others) , use two-factor authentication for added security, and stay alert for news of other breaches.