Details of more than 500 million Facebook users – 11 million from the UK – have been found on a website for hackers.
Although the information appears to be several years old, it includes data from 106 countries such as phone numbers, Facebook IDs, full names, locations, birthdates and email addresses, according to reports first published by Business Insider.
And while Facebook has confirmed the data that has surfaced is related to a historic breach, it is another example of the vast amount of information collected by the social media giant – and other platforms – and the limits to how secure that information is.
In a statement Facebook said: “This is old data that was previously reported on in 2019.
“We found and fixed this issue in August 2019.”
Facebook has been grappling with data security issues for years.
In 2018, the social media giant disabled a feature that allowed users to search for one another via phone number following revelations that the political firm Cambridge Analytica had accessed information on up to 87 million Facebook users without their knowledge or consent.
In December 2019, a Ukrainian security researcher reported finding a database with the names, phone numbers and unique user IDs of more than 267 million Facebook users – nearly all US-based – on the internet.
So how can you ensure your Facebook account is as safe as it can be?
Here are some simple steps:
• The first, and one of the quickest, is to head to Facebook and under ‘account’ there is a link to ‘security check’. The quick, easy-click health check will ensure your password and two-factor authentication are robust.
• Adjust your Facebook privacy settings: The options are ‘public/everyone’, ‘friends’ (plus friends of anyone tagged), ‘only me’ or ‘custom’ where you choose a combination of all. Regularly check and adjust them.
• Don’t click on suspicious links. Be wary of any posts or messages that ask you to click on a link, even if it appears to come from someone you know. These links will nearly always be created to steal sensitive information or deliver malware.
• Don’t accept friend requests from strangers – if you accept one from someone you’re not familiar with, they can access all the personal details on your profile, your contact lists if they’re not private, as well as building a detailed picture of your online social activity.
• Enable security alerts – this is a great way to find out if there have been any unauthorised login attempts on your account. This can be done via Facebook’s Help Centre, under ‘privacy and safety’. Facebook will then inform you if someone tries to connect to your account from a device you don’t normally use.
• This sounds obvious – and we all know it, but often ignore it: passwords must be regularly updated and not the same as the ones you use on other websites.
• Ensure passwords are strong. A strong password has capital and lowercase letters, numbers and symbols. It is OK to make it quite long. Make it something that is not too common, nor any combination of your name, address, date of birth or phone number.
• Never share your password.
• Think about where you log in from and what you share. If you’re logging on to a site from a shared or public computer (in an office or public library for example), say “no” if the site offers to save your password. Make sure you log out of websites and online sessions properly when you’ve finished, to avoid other people gaining access to your information.
• Check apps before signing up. Some apps or websites will ask you to log in using a social media or email account. It is always worth double checking what kind of access you are allowing before agreeing for the two to link up.
• Does a website internet address begin with ‘https’? The ‘s’ on the end means it has an extra layer of security. Make sure ‘s’ is in place both before and after you log in.