A few weeks ago, Facebook revealed that a security screw-up on their end allowed hackers to gain full access to the pages of at least 50 million users
Since then, the social media giant has further confirmed that 29 million of those users had their names, contact data and more stolen by the hackers.
While nothing is known about who is responsible for the hacking, Facebook can hazard a pretty good guess about whether or not you were hacked.
Facebook has now made it possible to find out whether or not you were hacked. All you need to do is visit this page: You’ll know you’re at the right place if you can see this message.
The page goes on to say that: “On September 25, 2018, we discovered that attackers had exploited a vulnerability caused by the complex interaction of three bugs in our system to obtain access tokens. Tokens can be used, like a digital key, to request certain information through our platform. We acted quickly to secure the site and began an investigation to determine if anyone’s Facebook information was accessed and how many users were impacted.”
You can find out whether or not Facebook believes your account was affected by scrolling to the bottom of that page. If they think you’re safe, you’ll see this message: “Based on what we’ve learned so far, your Facebook account has not been impacted by this security incident. If we find more Facebook accounts were impacted, we will reset their access tokens and notify those accounts.”
However, if the answer is yes, you’ll be one of these three categories:
A. You’re in the 15 million users’ whose name plus email and/or phone number was accessed.
B. You’re in the 14 million users’ who had that data plus account bio data accessed including “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.”
C. You’re in the 1 million users whose access token was stolen but your account was never actually accessed with it.