People can use the Have I Been Pwned online tool to check if their numbers or emails were compromised.Facebook says the data is from an “old” breach in 2019 but privacy watchdogs are now investigating.
The database covers 533 million people in 106 countries, according to researchers analysing the data. That includes 11 million Facebook users in the UK, 30 million Americans and 7 million Australians.
Not every piece of data is available for each user but 500 million phone numbers were leaked compared with “only a few million email addresses”, Troy Hunt, a security expert who runs HaveIBeenPwned said in a blog on his website.
Visitors to the website can now enter their mobile number into a search box, and the website will confirm if it has appeared in the leaked database.“I wanted to ensure Have I Been Pwned could answer that question for everyone, not just a tiny slice of people,” Mr Hunt told the BBC.
It has also been suggested that Facebook’s own chief executive, Mark Zuckerberg, had his mobile number leaked in the database."This is the number associated with his account from the recent Facebook leak," security expert Dave Walker tweeted, along with a screenshot of Zuckerberg's leaked phone number.
Facebook has requested users input their phone numbers since 2011, citing security reasons.It allows for “two-factor authentication”, an additional feature that sends a text to a user’s mobile whenever somebody logs into their account.