Alerts

If you have a Facebook account, your account data may have been collected and posted online. This means attackers can easily access this information and may use it to carry out targeted and personalised scams.

You can check if your data has been leaked using the website Have I Been Pwned. This free service allows you to check if your email and phone number have appeared in any data breaches.

Have I Been Pwned External Link

CERT NZ recommends that affected Facebook users take the following steps to secure their online accounts from potential misuse of this data: 

• Understand how to protect from scams and fraud and what to do if you're affected. 

Understanding scams and fraud

• Use a different password for each of your online accounts.
• Make sure your passwords are long, strong and unique.
• Keep your passwords safe. Try a password manager to store your passwords for you. 

Keep your data safe with a password manager

• Turn on two-factor authentication (2FA) on your online accounts where possible, this provides an extra layer security if your password is ever compromised.

Enable 2FA

• Make sure any account recovery questions and answers don't use publicly available information, for example don’t use your pet’s name or your hometown – get creative with your responses in a way that is easy and memorable for yourself.