Back in 2019, the Facebook data of around 500 million users was breached. That may sound like a lot, and is certainly nothing to scuffle at, but it actually isn't even in the top 15 largest breaches of all time. Nonetheless, just recently, that data was leaked to the public and is currently circling around the internet. To give you an idea, the types of data breached and leaked include things such as: profile names, Facebook ID numbers, email addresses, and phone numbers. That is, according to WIRED's article by Lily Hay Newman on the matter. Of course, as a side note, you can check to see if your data was leaked on HaveIBeenPwned. That will allow you to see if your phone number or email was exposed throughout the hack (and others).
So what does this Facebook data leak mean in the macro sense? Well, unfortunately, unless you are someone who never uses the internet, it is quite likely you have had to put some of your sensitive information out there and that information will always remain, at least broadly, vulnerable to a data breach. In this case, and according the article, the data was vulnerable to attack due to a bug in Instagram's ability to import contacts. Some might think that this is Facebook's fault outright and was possibly a result of poor coding choices, and or data management, but it is far too complicated to tell. One shouldn't place blame completely on Facebook as things like this will happen from time to time, as unfortunate as they may be. After all, computers are only as good as the humans who use them, so human error is inevitable. In fact, it Facebook did make it clear that it did not expose this data intentionally, but it was scraped from their backend.
Although, where Facebook could have done better was in acknowledgment of the breach, back when it happened, and or when the data was leaked recently. For example, the article mentions that The Irish Data Protection Commission said in a statement on Tuesday that it “received no proactive communication from Facebook" regarding the breach. This isn't best practice in my opinion, but perhaps there was good reason for not being so clear on the matter.
So, back to the central question of this post: now what? What should you, as perhaps a Facebook user do now? The first thing you can do is check the website mentioned above to see if your data was leaked. After that, there is not much to do other than to be keep an eye out for spam emails, phone calls, and other malicious activity.
It is a terrible day when data is breached, but this isn't going anywhere, and cybersecurity experts are in a constant battle. I think that if companies like Facebook keep coming up with new and innovative ways to encrypt data, it is possible to stop these types of attacks, but they will probably never go away all together.
Source: https://www.wired.com/story/facebook-data-leak-500-million-users-phone-numbers/