By now, you have probably heard of the huge Facebook data breach, in which upwards of 533 million Facebook users from 106 countries had personal data leaked online, including phone numbers, Facebook IDs, birthdates — you name it.
Your first question will be, of course, how to check whether you are part of that breach. There are a couple of places out there where you can find out whether your data has been compromised.
One well-known site that tracks data breaches is Have I Been Pwned. Just follow the link to the site and put in your email address or phone number. You will find out not only if you’ve been part of the Facebook breach, but also any other breaches in which your data may have been compromised.
Troy Hunt, creator of Have I Been Pwned, was considering whether to include a phone number search (as this comes with certain privacy risks), but ultimately decided to add the feature:
Should the FB phone numbers be searchable in @haveibeenpwned? I’m thinking through the pros and cons in terms of the value it adds to impacted people versus the risk presented if it’s used to help resolve numbers to identities (you’d still need the source data to do that).— Troy Hunt (@troyhunt) April 4, 2021
Another tool for checking your phone number against the leaked Facebook database (suggested by Gizmodo) is a site called The News Each Day, in which you input your phone number to find out whether it’s part of the breach. According to David Johnstone, the creator of the site, in order to protect your privacy, the site generates random phone numbers that start with the same five digits as your number and sends 99 fake and one real number to the server, so it can’t know which is the real number.
And if you do find out that your data has been compromised? Some of the steps you can take are to change the passwords of compromised sites, use a password manager so that you can create and track unique passwords for each site (so that if one is compromised, it won’t affect any others), use two-factor authentication for additional security, and stay alert for news of any other breaches.
Update Tuesday April 6th, 7:51AM ET: Updated the story to note that Have I Been Pwned now also lets you search for your phone number in the Facebook data breach.
Update Tuesday April 6th, 10:07AM ET: Updated the link to The News Each Day and noted its new security features.