Click to Skip Ad
Closing in...

How to check if your Facebook account was hacked in the massive breach

Published Apr 5th, 2021 11:04AM EDT
Facebook 533 Million Hack
Image: Urupong/Adobe

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

News broke out over the weekend that more than 533 million Facebook accounts were compromised, with hackers stealing personal information that included phone numbers, emails, and more sensitive data. However, this isn’t a new hack. The attackers stole the data back in August 2019, and the hack made the news a few times. Before this weekend’s revelation, we last mentioned the massive Facebook hack back in mid-January when hackers were selling access to the data via Telegram. Specifically, hackers would let anyone attempt to find out either the Facebook ID or phone number of a user impacted by the hack.

An unexpected development made the old Facebook hack resurface yet again. The database has now been posted in the wild, giving everyone free access to all that sensitive info. Facebook responded to the hack in the worst possible way, saying that the hack is “old data” that Facebook found and fixed. This might be so, but it doesn’t change the fact that someone stole that information and that the data is now available to the public. Many of those 533 million people might still have the same phone numbers and Facebook IDs, information that other people with malicious intentions can use for nefarious purposes. The good news is that you can easily check if your Facebook account was included in this massive hack of 533 million Facebook accounts.

One way to check if your Facebook data is included in the leak is to get ahold of the stolen database. That might involve paying and trusting shady sources for access, and that’s not the route you should take. Instead, there’s a web service called Have I Been Pwned that lets you input your email and see whether it was stolen in any recent data breach.

If your email is associated with any hack, you should change the password for that service. That goes for the Facebook hack and any other data breach.

You should also consider changing the passwords to all the other services where you use the same username or password as Facebook. Recycling credentials is a bad idea to begin with, and you should start using unique passwords for each app and website. The best practice is to use a free or paid password management app like 1Password.

Checking whether the Facebook hack has impacted you by email might not be enough. As The Next Web points out, the founder of Have I Been Pwned, Troy Hunt, said on Twitter that he’s considering whether the database should be searchable by phone number. That way, you’ll know for sure whether your Facebook account was part of the breach.

The 533 million-account hack involves users in 106 different countries. Not all of them added their phone numbers to Facebook, but many people did. As Hunt explained on Twitter, “spam based on using phone number alone” is “gold.”

He continued, “Not just SMS, there are heaps of services that just require a phone number these days, and now there’s hundreds of millions of them conveniently categorized by country with nice mail merge fields like name and gender.”

Hunt asked followers whether phone numbers should be searchable on the service, with nearly 68% of the vote in favor of the addition. People who are worried about the hack connecting their identity to their Facebook profile and phone number can take additional security steps like changing your phone number or even simply ditching Facebook. Of course, that won’t undo any damage that has already been done.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2007. When he’s not writing about the most recent tech news for BGR, he closely follows the events in Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming new movies and TV shows, or training to run his next marathon.