Information from more than 533 million Facebook accounts have been found on a hacker website containing names, email addresses and dates of birth.
This has caused a number of privacy advocates and technology experts to urge Facebook users to check their profiles and update their privacy and password settings.
The dataset is an absolute treasure trove for scammers and hackers alike, who now have an updated document containing personal information of the 533 million facebook accounts listed on the website.
News of the database of Facebook details was first reported by Business Insider, who said that the website contained full names, Facebook IDs, locations, email addresses and dates of birth of Facebook users from 106 countries.
Facebook says that the most recent publication of user data stems from a problem that was resolved by the company in 2019.
It is not the first time Facebook has faced revelations of user information being posted online, either for sale from hackers or listed free of charge for scammers to use in their phishing and identity theft campaigns.
Get ISO 27001 – Information Security – Certification With Best Practice
In 2018, Facebook disabled a number of features that allowed Cambridge Analytica to access the personal information of 87 million users, that the company sold for political purposes without the consent, or even knowledge of Facebook users.
More recently in 2019, a Ukranian researcher discovered a database filled with phone numbers, Facebook user IDs and full names of more than 267 million users based in the U.S..
In terms of the most recent publication of Facebook user profiles, Dr Andrew Quodling, researcher in governance and social media platforms at Queensland’s University of Technology says that when a hacker has your email address, they can then launch simple, but effective attacks against your profiles.
“People will take a sort of easy run at simple hacks – try the top 100 most common passwords, and try to get in with brute force,” Quodling told The Guardian. “So anyone using the password 123 on that list would be in trouble.”
He added that “you could be profoundly security conscious and secure, and still get caught out by insufficient security practices at other organisations you rely on.”
“The challenge is always how much of a risk are you personally willing to take?” Quodling concluded.
How to Check if Your Facebook Account has Been Compromised
If you’re worried that your Facebook profile might be caught up in the trove of data currently published online, there are tools you can use to see if you’ve been hacked.
Australian security researcher Troy Hunt has created a website called ‘Have I Been Pwned’ that allows users to enter their email address into a database that cross-references existing data breach lists to check if your email address is included.
It’s essential that you update any of your online profiles, whether they are social media accounts, professional or personal accounts with two-factor authentication. This allows you to create a bottle-neck that a hacker is unable to bypass unless they are in possession of your phone number.
