Facebook hacked on Dec 12th 2019

  • Thread starter Evo
  • Start date
  • #1
Evo
Mentor
23,111
2,462

Main Question or Discussion Point

Data Exposure Alert
Norton
Data of 267 million Facebook users exposed in an online database
What is Happening?
Data security researchers discovered an online database containing the names, phone numbers, and Facebook IDs of 267 million Facebook users available for download on a hacker forum. The database was not password protected and had been posted on December 12th. On December 14th, the researchers contacted the internet service provider that was hosting the database and the database was removed on December 19th.


Also LinkedIn and Yahoo have been hacked in the not too distant past, as has Disney. Be aware, don't put personal information on social media sites, change your passwords constantly.
 

Answers and Replies

  • #2
1,325
1,134
Do you have a link to the news article?
Be aware, don't put personal information on social media sites
Or maybe restate it as "put only the bare minimum of personal information they ask for". Twitter, for example, doesn't work unless you put in your mobile number.
 
  • #3
Evo
Mentor
23,111
2,462
Do you have a link to the news article?

Or maybe restate it as "put only the bare minimum of personal information they ask for". Twitter, for example, doesn't work unless you put in your mobile number.
One reason I don't use Twitter. First reason is I could not care less for anything anyone says on Twitter.

It wasn't a news article, it was an email alert from Norton, I have their service that alerts me to security breaches. I also got a security alert from my credit card that alerts me if they find my email on the "dark web" I got an alert today that my email appeared on the "dark web" on Dec 12th" I was wondering what happened, then I got the email from Norton, it was the Facebook breach.

From my email alert (I x'd out my email address)
  • Dark Web Alert
    Compromised Email Address
  • Email Address
    xxx@xxx.com
  • Password
    Exposed
  • Date found on dark web
    Dec 12, 2019
 
  • #5
Evo
Mentor
23,111
2,462
I can verify it's a real breach if you look at my last post you can see they took my email and password from facebook on the 12th.

Facebook asks you to add your phone number in case you get locked out of your account. DON'T DO IT!

Oh, and that Forbes article was posted right as I was posting this thread, there was nothing, only one website on google posting about it earlier, one I didn't want to link on. Notification from FB? NO. Of course LinkedIn never notified me of their HUGE breach where my info was taken, it was my credit card company that verified it. Only Yahoo and Equifax contacted me that my info had indeed been taken from their sites.
 
  • #6
8,107
4,801
Twitter, for example, doesn't work unless you put in your mobile number.
As @Evo said, you could not use Twitter.

Protecting your data sometimes means more that doing things safely. Sometimes, it means not doing them at all; even if they offer some benefit.

The whole social media industry is built on the idea of offering benefits to entice us to give away our personal information.
 
  • #7
1,325
1,134
As @Evo said, you could not use Twitter.

Protecting your data sometimes means more that doing things safely. Sometimes, it means not doing them at all; even if they offer some benefit.

The whole social media industry is built on the idea of offering benefits to entice us to give away our personal information.
That's the reason I never had a social media account till last month. Couple of days back, owing to certain circumstances, creating a Twitter account became a necessity.
 
  • #8
OmCheeto
Gold Member
2,114
2,483
...
Twitter, for example, doesn't work unless you put in your mobile number.
?????
I have a Twitter account and don't have a phone number listed.
Perhaps it's only true if you access Twitter via a mobile phone?
Since I don't own a mobile phone, I access Twitter via my laptop.

Btw, I got a very out of the blue message from a stranger on Friday accusing me of sending her "mean" content on Facebook. Since I didn't send anything to her, I recommended we both update our passwords, as I have no idea how such things can occur.
 
  • #9
1,325
1,134
I have a Twitter account and don't have a phone number listed.
Perhaps it's only true if you access Twitter via a mobile phone?
Since I don't own a mobile phone, I access Twitter via my laptop.
No idea how Twitter has allowed you, but people all over the net are frowning because Twitter has blocked accounts without a phone number. This is irrespective of whether you register from phone or laptop. For new users, you can't even access your account unless you give a phone number and that is verified by Twitter. There are some hacks, however, like using a Google voice number, but that works only if the service is allowed in your country (in my case, it isn't).
 
  • #10
53
24
I suspected a FB breach when I started getting calls on my mobile, supposedly from London, where the caller knew my name. As the number of people who have my number legitimately is very small, for someone else to have it connected with my name is unlikely unless it came from FB. The calls were trying to get me to invest in online trading, a scam my bank had already warned customers about.
 
  • #11
OmCheeto
Gold Member
2,114
2,483
...
people all over the net are frowning because Twitter has blocked accounts without a phone number.
I'm finding evidence of Twitter doing this when people also don't have an email account, but not because they only lack a phone number.

Or is it the fact that people can't function without a cell phone that's making them frown?
hmmm... Are we discussing the same thing, or are we talking past each other?

ps. I should really get some type of mobile phone. It's no wonder people look at me funny.

2019.12.22.mobile.phone.usa.percent.png

clickable reference
 
  • #12
1,325
1,134
I'm finding evidence of Twitter doing this when people also don't have an email account, but not because they only lack a phone number.
While signing up for Twitter, I was given two options: sign up using email id, or mobile number. I choose email id because I did not want to share my phone number, but later found that the account won't be activated unless I give the phone number and they verify it by sending an OTP. Don't know whether they ask for email id if one signs up with phone number, but phone number is a must, at least for new users.
Or is it the fact that people can't function without a cell phone that's making them frown?
hmmm... Are we discussing the same thing, or are we talking past each other?
Maybe talking past each other. Almost everyone has a cell phone, even if it doesn't have internet connectivity. What makes people frown is, Twitter won't allow them access to their accounts unless they register a phone number, and they don't want to give the phone number for privacy reasons.
 
  • #13
1,325
1,134
I suspected a FB breach when I started getting calls on my mobile, supposedly from London, where the caller knew my name. As the number of people who have my number legitimately is very small, for someone else to have it connected with my name is unlikely unless it came from FB. The calls were trying to get me to invest in online trading, a scam my bank had already warned customers about.
Does FB too, like Twitter, compulsorily require phone numbers, or is it optional?
 
  • #14
Evo
Mentor
23,111
2,462
Does FB too, like Twitter, compulsorily require phone numbers, or is it optional?
It's been optional but they were pressuring people to give it claiming that if you ever got locked out of your account, you could use it for verification. DON'T Do IT! FB even sent me a list of my friends that had given FB their phone numbers to coerce me to give mine. If I get locked out, which has never happened, there are other safer ways of getting unlocked.
 
  • #15
8,107
4,801
FB even sent me a list of my friends that had given FB their phone numbers to coerce me to give mine.
Holy mackerel. They think that giving you some of your friends personal info will make you have confidence in FB.
 
  • Like
Reactions: Evo
  • #16
Evo
Mentor
23,111
2,462
Holy mackerel. They think that giving you some of your friends personal info will make you have confidence in FB.
I know! Oh Jane gave FB her phone number, social security, credit cards and bank account numbers, I should give them mine too! They're banking on herd mentality, I guess.
 
  • #17
OmCheeto
Gold Member
2,114
2,483
While signing up for Twitter, I was given two options: sign up using email id, or mobile number. I choose email id because I did not want to share my phone number, but later found that the account won't be activated unless I give the phone number and they verify it by sending an OTP. Don't know whether they ask for email id if one signs up with phone number, but phone number is a must, at least for new users.

Maybe talking past each other. Almost everyone has a cell phone, even if it doesn't have internet connectivity. What makes people frown is, Twitter won't allow them access to their accounts unless they register a phone number, and they don't want to give the phone number for privacy reasons.
In the interest of science, I just created a new twitter account.
It's just as you say!
I had 100% access for about 10 minutes, and then I was locked out, and could not proceed without a textable phone number. They claim my land line is "unsupported".

They did though tell me this; "Contact our support team if you need additional help unlocking your account."

Which I did, and informed them I don't have a cell phone.
Their automated system said it may be a few days before I receive a response.
 
  • #18
8,107
4,801
Which I did, and informed them I don't have a cell phone.
They don't care about Luddite members. :sorry: Sorry, couldn't resist kidding. Happy holidays Om.
 
  • #19
1,325
1,134
They did though tell me this; "Contact our support team if you need additional help unlocking your account."

Which I did, and informed them I don't have a cell phone.
Their automated system said it may be a few days before I receive a response.
Let us know what reply you get.
 
  • #20
DaveC426913
Gold Member
18,603
2,065
Let us know what reply you get.
Don't know what it'll say, but I bet it'll come with a postage stamp on it. :oldbiggrin:
 
  • #21
1,325
1,134
Just now removed my phone number from Twitter. Let's see what happens.
 
  • #22
424
167
Be aware, don't put personal information on social media sites
This really undermines the 'social' experience that people seem to be looking for on these sites, but apart from that, most users are less informed than the PF cohort, so expose considerable personal information just through their sharing and commenting activities. Unless you are read-only on sites such as FB, Insta, TikTok, etc. you really can't help but reveal person details, no matter how hard you try to avoid it.

And as the Twitter comments have noted, the platforms themselves are working against underlying anonymity, so the risk of cell phone + user name + actual name + password reveal is certainly there (though, how does Twitter fight against troll farms undermining elections if they can't tie an account to a person? Can we have perfect privacy with perfect societal protection?).

change your passwords constantly
Yes, I 100% agree with this, and even better, enable two or multi factor authentication. A recent Microsoft study showed this stopped 99+% of account hacks. Thank you PF for your MFA capability :muscle:

However, these unexpected breaches really are small change in the privacy landscape, shocking as they seem. The NY Times thoughtful article on location data highlights how 'normal use' reveals so much about us, and it is being brokered behind the scenes in ways we give we no thought to. That's more troubling to me, because it is us willingly giving data away to them...without even knowing who them is!
 
  • #23
OmCheeto
Gold Member
2,114
2,483
They don't care about Luddite members.
On the contrary. I think their somewhat "let's not make this too easy" methodology is to discourage trolls.

On their "suspended" help form they have the following:

Describe the nature of your appeal (for example, why you do not believe your account violated the Twitter Rules, or if you are having difficulties unsuspending or unlocking your account, or if you cannot provide a phone number).
Phone number (optional)

:sorry: Sorry, couldn't resist kidding. Happy holidays Om.
Ditto!
 
  • #24
OmCheeto
Gold Member
2,114
2,483
Let us know what reply you get.
Why, of course!
Though, I'm now worried, that Twitter may have a policy against "sock puppets", and just delete my new account.
I used my gmail email address to create it, as I don't use it for actual correspondence.
But upon further inspection, I discovered that my real email address is listed in my gmail settings.

Doh!
 
  • #25
1,325
1,134
Though, I'm now worried, that Twitter may have a policy against "sock puppets", and just delete my new account.
I used my gmail email address to create it, as I don't use it for actual correspondence.
But upon further inspection, I discovered that my real email address is listed in my gmail settings.
I don't think they'll be able to identify you, because real email addresses set up in gmail for forwarding (or otherwise) are not revealed. That is the whole purpose of email services allowing you to add another email address that you own; if people are able to find out your real email, then the purpose is no longer served.
 

Related Threads for: Facebook hacked on Dec 12th 2019

Replies
9
Views
11K
Replies
9
Views
1K
  • Last Post
Replies
1
Views
2K
Replies
1
Views
2K
  • Last Post
Replies
1
Views
2K
  • Last Post
Replies
1
Views
2K
  • Last Post
Replies
1
Views
4K
  • Last Post
Replies
10
Views
3K
Top