Facebook data leak publicly available
CERT NZ is aware that specific account details relating to half a billion Facebook user accounts has been made publicly available. We understand this data was accessed in 2019 and contains personal information like full name, date of birth, phone numbers and email addresses.
What this means
If you have a Facebook account, your account data may have been collected and posted online. This means attackers can easily access this information and may use it to carry out targeted and personalised scams.
What to look for
How to tell if you're affected
You can check if your data has been leaked using the website Have I Been Pwned. This free service allows you to check if your email and phone number have appeared in any data breaches.
What to do
CERT NZ recommends that affected Facebook users take the following steps to secure their online accounts from potential misuse of this data:
- Understand how to protect from scams and fraud and what to do if you're affected.
- Use a different password for each of your online accounts.
- Make sure your passwords are long, strong and unique.
- Keep your passwords safe. Try a password manager to store your passwords for you.
- Turn on two-factor authentication (2FA) on your online accounts where possible, this provides an extra layer security if your password is ever compromised.
- Make sure any account recovery questions and answers don't use publicly available information, for example don’t use your pet’s name or your hometown – get creative with your responses in a way that is easy and memorable for yourself.
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at firstname.lastname@example.org or call the MBIE media team on 027 442 2141.