What to Do If Your Phone Number Is One of the 309 Million Numbers That Were Leaked by Facebook?

If you use Facebook, it is likely that you have used your personal phone number to verify yourself or to provide your Facebook friends with a way to contact you. You can add the number to the About section on your profile page, where you can also add your home address, email address, social links, date of birth, and other personal information. While you can adjust the settings to limit who can view this information, you have to think about whether it would not be best to delete this information completely. In fact, it is always a good idea to limit the exposure of private information. If you have multiple social networking accounts, think about what kinds of information is available publicly, and think whether that information could be used against you.

Unfortunately, even if you only allow friends and followers to access personal information, you cannot prevent data leaks. Facebook itself and the associated third parties, who have access to sensitive data, could be responsible for that, and it is not up to you to ensure that they secure your private information appropriately. Hopefully, Facebook and third parties understand that; however, errors, vulnerabilities, and mishaps cannot be prevented. For example, it was recently reported that 5,000 app developers had access to personal Facebook users’ information because of a simple bug. You cannot prevent such bugs, but you can enhance your Facebook privacy to ensure that you are not harmed even when vulnerabilities and data breaches occur. While all personal details are sensitive, and you must secure all of them, we suggest looking at your mobile number that is linked to your Facebook account first.

Facebook privacy is jeopardized when sensitive information is leaked

Earlier this year, researchers at Comparitech found a password-unprotected database that contained hundreds of millions of private Facebook users’ records. At the time of research, it was not clear what had led to the leak of these records, but it was believed that vulnerabilities within Facebook’s third-party developer API could have facilitated that. In a different scenario, private records could have been accumulated through a process of scraping, during which hackers retrieve all publicly available data illegally. The first server that contained all leaked information became inaccessible soon after its discovery in December. However, in March, a new server containing the same information was found. Unfortunately, this time, even more personal records were revealed. Initially, the leak consisted of 267 million unique Facebook IDs, full names, timestamps, and phone numbers. During the second wave, 42 million records were added, and these included unique Facebook IDs, phone numbers, profile details, email addresses, and “other personal details.”

In total, 309 million sensitive records were leaked, and they were available to anyone. While access to the first server was disabled after researchers got involved and reported Facebook privacy violations to the host, the second server was attacked by an unknown party, after which, sensitive records were replaced with random data. Unfortunately, the database was open for days every time, which means that the exposed data could have been accessed and copied by malicious parties.

Hackers can jeopardize your Facebook privacy with email addresses and phone numbers

It is impossible to know who might have your Facebook ID, full name, email address, and phone number if this data was included in the exposed database. Unfortunately, this leaves you extremely vulnerable. While passwords were not leaked, your Facebook privacy could suffer anyway. For one, phishing attacks could be performed. With an email address and a full name in hand, the attackers can send personalized messages with requests to update/reset/change your password. Password reset codes and links to fake login pages could be sent via SMS as well. This is how the exposed phone number could be exploited.

In a different scenario, your Facebook privacy could be jeopardized if attackers decide to brute-force access to your account. Since your Facebook ID and email address are exposed, the attackers can use special software and hardware to try to guess your password. Unfortunately, people continue to use weak passwords that are not that hard to crack, and if hackers succeed, they can take over accounts. Therefore, although passwords were not leaked, we strongly advise that you update your password as soon as possible. Note that your Facebook password has to be unique, long (12 characters or more), contain letters, numbers, and symbols, but should not contain words or personal details (e.g., names of your hometown, school, parents, pets etc.). Ideally, you cannot remember the password you create, which, of course, creates a problem. The good news is that you do not actually need to remember passwords if you use a tool like the Cyclonis Password Manager.

How to protect leaked phone numbers

While you can change your password after it gets leaked, you cannot change your name, and it might be too much of a hassle to change the exposed phone number or email address. That being said, if you used a phone number to verify yourself when logging into your account, you might want to look into a different authentication method (go to Use two-factor authentication to learn about your options). While you are at it, you should also adjust your Facebook privacy settings to ensure that the personal information you share is only visible to friends and cannot be exploited by malicious parties. Another thing to keep in mind if you need to protect leaked phone numbers is that you might receive misleading texts with links, codes, and requests. Without a doubt, you must pay attention to all messages that you receive, and you must evaluate them carefully before interacting with them.

Ultimately, you might be unable to protect leaked phone numbers completely, especially if you want to share them and if you want to use them for two-factor authentication. However, keep in mind that you can minimize your chances of having your Facebook privacy jeopardized by choosing appropriate privacy settings and limiting access to the information you share. Hopefully, you can ensure Facebook privacy in the future, and remember that keeping yourself informed always puts you one step ahead.

By Foley
July 23, 2020
News
July 23, 2020
News

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

Facebook Users at Risk of SIM-Swapping Attacks After Their Phone Numbers Are Leaked Online

When the Cambridge Analytica scandal broke out in March 2018, people thought it was a big one. The UK-based company had collected the information of quite a few Facebook users through a personality quiz app and had... Read more

September 5, 2019
News

Dunzo Users Need to Be Careful After Their Phone Numbers and Email IDs Got Leaked

On Saturday, Mukund Jha, the CTO of an Indian delivery service called Dunzo, was faced with the unenviable task of telling users that some of their data had been exposed. In a blog post, Jha apologized profusely and... Read more

July 13, 2020
Password Security

538 Million Weibo Records Are Sold on the Dark Web, 172 Million Phone Numbers Included

Having a social media account can help you share your everyday moments with your family and friends or catch up with what is happening in their lives. The downside of using social media platforms is that, while... Read more

May 18, 2020
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.