Facebook users can now check the privacy breach notification website to see if their phone number has been exposed on the current social website data leak

Last weekend, a threat actor published a data leak with information for 533 million Facebook users.This information includes phone numbers and Facebook IDs for almost all exposed accounts, as well as other optional information such as name, gender, relationship status, location, occupation, date of birth and Member email address

This data was originally collected in 2019 and sold privately at the time. Over time, the data was traded and sold between various threat actors at ever lower prices, until it was finally published for free on the Hacker Forum that weekend. p>

When published, the data was added to the data breach notification service so that users can see if their emails were in the Facebook data leak

However, the main component of this leak is a Facebook user’s phone number, rather than an email address As a result, Have I Been Pwned was unable to accurately notify a user if they were exposed in the security breach

“There are over 500 million phone numbers, but only a few million email addresses> 99% of people got a “miss” when they should have got a “hit”, “said Troy Hunt, inventor of Pwned, in a blog post

To warn users more precisely, Hunt Have I Been Pwned updated so users can now search the website for their phone numbers to see if the leak has revealed their Facebook information

When searching for phone numbers, users need to provide their country code as this is how the data breach saved the number

For example, in the following sample of exposed New York users, phone numbers begin with the country code 1 followed by the person’s full number

For example, if you want to verify that your phone number is part of the Facebook data leak, you would need to use a search in the format ‘19175555555’ “If you are in the UK you must also include your country code so that a searchable phone number format is’ 442071838750” is’ ​​

Hunt indicates that the icon is optional and will be removed when searching, as shown below

With this new feature, Have I Been Pwned has become a valuable tool for Facebook members to determine if the data breach exposed their data

Unfortunately, when leaks like this one are made public, other threat actors often use this information for their own attacks

If your information has been disclosed, be on the lookout for Facebook phishing emails or smishing (text) phishing attacks that are trying to get more information from you

Got pwned

World News – FI – Got pwned adds search for leaked Facebook phone numbers

Source: https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-search-for-leaked-facebook-phone-numbers/