What You Can Do About This Messy Facebook Data Hack
The old data leak is still a data leak and you probably still have to pay attention to it when it comes to Facebook, a site that has been used by most people at one point or another. As you’ve probably already heard, a past data breach that affected half a billion Facebook users rose again after a hacker posted a huge amount of personal information taken from hacked accounts. And while the break-in actually happened two years ago, there are still a few preventative steps you can take to make sure this latest incident doesn’t impact you too much.
To begin with, take the time to check if your details, including your email address, telephone number, name and other identifying characteristics, are present in the said violation. Try one of the following options to find various identifying information that may have been compromised:
- I was tricked (email)
- Have I been on Facebook? (telephone number)
- News every day (phone number)
- Facebook Checker (phone number)
- Dump raw data (all)
If your phone number or other data is not violated, great! Are you okay. If so, now that the information is missing, there is little you can do about it. On the other hand, you don’t need to worry about your password being stolen, but that data could be used in phishing attempts elsewhere and possibly even to reset your passwords or hack your accounts, depending on how poor service password recovery / reset mechanism.
That says it all, since this data has been floating around for some time now, chances are good that you probably wo n’t be affected if you haven’t been touched yet. If anything, the entire episode demonstrates the importance of using bogus information wherever possible when registering an account, especially on social media. Obfuscation is completely under your control. Don’t feel like you need to give up the truth about your life.
For Facebook, this could include:
- Refusal to provide additional information if you do not need it (your education, where you lived, your interests, your work history, etc.)
- Providing bogus information upon request, such as a fake birth date or nickname. (Keep an eye on them in your favorite password manager’s notes section in case you ever run into trouble with your fake information to regain access to your account or reset your password.)
- Using a fake email address (even slightly modified, such as youremail+facebook@gmail.com instead of youremail@gmail.com) and a phone number that is not your actual phone number to register an account. As before, save these credentials in your password manager just in case.
- Use a different “real” name or a slightly modified version of your name. Don’t use the same “display name” or account name for all of your different services (which we are all undoubtedly to blame for).
Why is it important? It becomes much more difficult for attackers to use information from one data breach to influence you elsewhere. If you always use different information in different services that you use whenever possible, it will be more difficult for an attacker to penetrate your account using social engineering – he simply will not know enough information about you about each service.
Going ahead, make sure you don’t forget about any potential phishing attempts. If you unexpectedly receive a text message or email that tries to convince you of your legitimacy by providing you with some (now readily available) information about yourself, do not initiate an action on the service based solely on that message. Do not give any other information to anyone in return. Don’t click or click on links unless you know where they came from. Instead, open your browser, visit the service directly, and check if there is anything you really need to take care of.