As I’m sure you’re aware by now Facebook has recently been affected by a major data breach. We’ve collated all of the information available at present and constructed a handy guide to help you find out if your Facebook account was hacked.
What happened during the Facebook data breach?
Facebook has been working tirelessly to investigate the data breach which was first noticed in early October. However, the possibility of smaller-scale attacks still happening has not been ruled out.
Hackers noticed and exploited a vulnerability in Facebook’s coding which existed from July 2017 to September 2018. The vulnerability affected the “View As” feature which allows users to see how their profile appears to friends and the public. The bug in the feature allowed hackers to steal “access tokens” which can be used to gain access to accounts. Access tokens are essentially digital keys which keep users logged into the site.
The spike in unusual activity was first noticed on September 14th, 2018, but it wasn’t until September 25th that it was determined as a significant security breach. Within two days, the attack was ceased, and those vulnerable profiles were protected.
The “View As” feature is now disabled, and Facebook are now working with the FBI to investigate the attack. Around 30 million users had their tokens stolen during the breach. The hackers had control of 400,000 accounts with connection to plenty of Facebook friends. They moved from account to account stealing access tokens using a portion of the 400,000 profiles to gain access to 30 million profiles.
For 15 million users this meant that hackers could see their contact details and name. However, for 14 million people hackers could also see other profile details such as gender, relationship status, birthdays, work information etc. For 1 million users no information was accessed at all.
How to find out if your account was hacked in the Facebook data breach?
Whilst 30 million accounts may seem like a lot, remember that there are over 2.23 billion active Facebook profiles around the world, so the that you got affected by the breach are pretty slim.
Over the next few days, Facebook will be sending out messages to the 30 million accounts who were affected by the breach. Hacked users will receive full details of the information which the hackers may have accessed.
There’s no need for you to change your password, however you may want to learn how to make sure you are fully protected whilst using Facebook. This includes being wary of any suspicious emails, calls or text messages.
If you don’t want to wait around for the message, you can head over to Facebook’s Help Centre, scroll down to the bottom of the page where you will find a footer note with the title “Is my Facebook account impacted by this security issue?”
You will be informed that the investigation is still on going, yet you’ll receive an answer whether or not you were one of the 30 million users affected.