Skip to Content
© Teerachat Aebwanawong |
Security & privacy

Facebook data leak: 500M user phone numbers for sale online

Facebook has a history of betraying its users by not protecting their privacy. That’s why it’s crucial to take matters into your own hands if you choose to stick with the platform. Tap or click here for 10 Facebook privacy and security settings to change.

But now, Facebook’s security and privacy situation seems to be getting worse. A hacker has managed to steal about 500 million Facebook users’ personal data.

While the stolen data is from three years ago, it does contain users’ Facebook IDs and associated telephone numbers. Here’s everything you need to know about the data leak and how to protect your information.

Here’s the backstory

Facebook was alerted in 2019 that criminals could scrape user data from the social media platform. At the time, the company rushed to plug the security hole, but it appears that it was too late.

A hacker claims to have the exact data that Facebook was trying to prevent from being stolen. The list includes user IDs and telephone numbers from the U.S, Canada and 17 other countries.

Not only is the breach itself concerning, but the data is now being sold on the black market. The hacker has set up an encrypted bot profile on the messaging service Telegram and selling access to the data.

Here are some ways cybercriminals can use the bot:

  • By sending a message to the bot, you can see the Facebook ID of a user.
  • If you have someone’s telephone number, you can request to see their Facebook ID.
  • On returning a result, some of the information will be redacted.
  • You need to buy access to view the complete number or ID.

This is done by purchasing credits, which cost $20 each and goes as high as $5,000 for 10,000 credits.

What should you do now?

Matters of personal security should always be taken seriously. But while there isn’t much that you can do about this breach, there are some steps to protect yourself in the future.

  • If your data has been compromised, you need to be on your guard against spam calls and messages.
  • Fraudsters could use the info to send malicious text messages and emails.
  • Don’t reply to any messages that seem suspicious.
  • Don’t respond to claims about the COVID-19 vaccine or any other outlandish assertions.

How do you protect yourself?

You should change your passwords often — at least once every two months. It is also a good idea to use two-factor authentication for all websites and services that offer it. Tap or click here to find out how to enable 2FA on Facebook and other accounts.

To safeguard against spam calls, install a robocall blocking app on your mobile device. Tap or click here for three apps that will help eliminate robocalls.

As scam calls or calls from unknown numbers are growing, there are a few tips and tricks to find out who’s trying to reach you. We have compiled a list which you should bookmark to reference in the future.

Keep reading

World’s biggest database of stolen records — check for your info

This COVID vaccine scam is particularly nasty – signs to watch for

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days