With over 2.4 billion monthly active users, Facebook is the biggest social network worldwide. And with so many users come tons of data, including some personal information that may now potentially be exposed. According to TechCrunch, a security researcher found an online database exposing 419 million user phone numbers linked to Facebook accounts.
It appears that the exposed server wasn’t password-protected, meaning that anyone with internet access could find the database. This server held records containing a user’s unique Facebook ID and the phone number associated with the account. In some cases, records also revealed the user’s name, gender, and location by country. TechCrunch was able to verify several records in the database by matching a known Facebook user’s phone number with their listed Facebook ID. Additionally, TechCrunch was able to match some phone numbers against Facebook’s password reset feature, which partially reveals a user’s phone number linked to their account.
It’s been over a year since Facebook restricted public access to users’ phone numbers. And although the owner of the database wasn’t found, it was pulled offline after the web host was contacted. Even though there has been no evidence that the Facebook accounts were compromised as a result of this breach, it’s important for users to do everything they can to protect their data. Here are some tips to keep in your cybersecurity arsenal:
- Change your password. Most people will rotate between the same three passwords for all of their accounts. While this makes it easier to remember your credentials, it also makes it easier for hackers to access more than one of your accounts. Try using a unique password for every one of your accounts or employ a password manager.
- Enable two-factor authentication. While a strong and unique password is a good first line of defense, enabling app-based two-factor authentication across your accounts will help your cause by providing an added layer of security.