Facebook hacked on Dec 12th 2019

  • Thread starter Thread starter Evo
  • Start date Start date
Click For Summary
A significant data breach exposed the personal information of 267 million Facebook users, including names, phone numbers, and Facebook IDs, which was found in an unsecured online database. The database was posted on a hacker forum and removed shortly after being reported by security researchers. This incident highlights ongoing concerns about data security, particularly on social media platforms, where users often share personal information. Experts recommend minimizing the personal data shared on such platforms and regularly changing passwords. Additionally, enabling two-factor authentication (2FA) is advised to enhance security, although recent vulnerabilities have raised questions about the effectiveness of 2FA. Users are cautioned to be vigilant about their online presence and to consider the risks associated with providing personal information, especially when registering for services that require phone numbers for verification.
  • #31
sysprog said:
Are you maybe allowed to use another voip service, such as Talkatone, or a proxy phone number app, such as Burner?
Neither of them is available in my country.

Anyways, I removed the phone number from Twitter, as mentioned in post #21. They haven't blocked my account yet.
 
Computer science news on Phys.org
  • #32
fluidistic said:
China's crackers exploit which bypassed 2FA

Details of exactly what happened in this hack are scant, but it seems to be a nation state attack, meticulously planned and executed, with the 2FA bypass allegedly done via a stolen RSA SecureID software token taking advantage of a related exploit in the 2FA code.

The security implications for 2FA in the general sense are unclear but it seems likely this is a fixable flaw. It's also not a general fault with 2FA, in the sense that a single exploit undermines it.
 
  • #33
Wrichik Basu said:
Neither of them is available in my country.

Anyways, I removed the phone number from Twitter, as mentioned in post #21. They haven't blocked my account yet.
They still have it in their database and if your phone number is leaking anywhere on the web or to any other tech giant, chances are twitter could get it.
 
  • #34
fluidistic said:
They still have it in their database and if your phone number is leaking anywhere on the web or to any other tech giant, chances are twitter could get it.
Even if they have it, I can't do anything about it. While signing up, you are compulsorily required to provide a phone number.
 
  • #35
OmCheeto said:
:headbang:
Today I received a bank debit card in the mail, with my address, and someone else's name, with a bank I had an open credit card (>$10k available) account with.

Just got off the phone with the second customer service rep.
She and the previous rep were both delightful.

It appears that I have to go to my local branch on Monday, with the physical evidence, to kind of prove that I'm neither a kook, nor senile, for the most part.

Wait a minute. I was just online, and I didn't have a savings nor checking account, and my mortgage account was closed months ago...

So I've just closed the last account with that bank, and they're going to look at me on Monday, like I'm some sort of kook.

hmmmm...
Good grief, have you looked up the name on the card to see if you find someone, by chance? They should know (if it's a legitimate bank error) that their debit card was sent to someone else! I'm sure the bank isn't going to tell them. The person might be listed in LinkedIn if they're employed. They might even be found on FB. I wouldn't contact them, but it would be interesting.

Boy, my email address had quite an active (and unsavory) life after yahoo was first hacked, my email address was sold on the "dark web" and some idiot ( I was actually able to find out the name and address of the moron that bought it because they weren't the brightest bulb). Geeze. The places my email address went and the things that were tried (and some done) with it. Since it was a fake email I had created, fake person, fake location, I wasn't concerned with closing the account and every time it was used, I'd get the confirming email back requesting verification, or I'd get a copy of what had been done with one of the websites that is very well known that allowed the moron to post unbelievable stuff and never tried to verify that it was legitimate. Anyway, I was on porn sites, BAD sites, all kinds of sites, I drove the moron nuts by shutting down his accounts until he gave up trying to use my email address. The porn sites were before the moron bought it for his personal use, no idea who that was, I never opened those emails, I seemed pretty popular, well, the poor fictional person linked to the email address was popular.
 
  • #36
Evo said:
Good grief, have you looked up the name on the card to see if you find someone, by chance? They should know (if it's a legitimate bank error) that their debit card was sent to someone else! I'm sure the bank isn't going to tell them. The person might be listed in LinkedIn if they're employed. They might even be found on FB. I wouldn't contact them, but it would be interesting.
I just spent the last 1.5 hours going through Mr. Mightbeaperp's FB page.
His name is unique enough, 104 Google matches, that I'm confident this is the same person.
I've decided that it's possible that he and I are both targets, or that he may be the only target, and I'm just an unwitting accomplice, as, I replaced my mailbox on Christmas day, as the door on my old one had fallen off a couple of months ago, and any cranker riding by on a bicycle could snatch anything inside, with the greatest of ease.

Actually, I think I may have met the perp. Someone knocked on my door yesterday afternoon, and asked whose truck was parked across the street. I gave him a vague answer, and he left.

Boy, my email address had quite an active (and unsavory) life ...
:oldlaugh:
I'm not sure how I would handle that, if my email ended up having a more interesting life than I've had.
 
  • Haha
Likes Evo