Surviving the April 2021 Facebook data breach

A data breach leaked the records of 533 million Facebook users in 106 countries, as NPR reported on April 9, 2021 ( https://n.pr/3mE3Grf ). The breach included:

  • Full Names

  • Locations

  • Phone Numbers

  • Some Email

  • Other misc data

Although the breach is disturbing overall, the phone numbers draw particular attention. "Phone numbers are increasingly used to connect people to their digital presence, including the use of two-factor authentication via text message and phone calls to verify one's identity."


What does this now mean to you?


It is time to be ever more vigilant regarding communications coming from sources you do not know. The following recommendations should be seriously considered in your personal and business use:

  1. Do not answer a phone call from a number you do not recognize. If you must, avoid providing any information to the person or system calling you. Avoid saying "Yes," even to a question such as "Can you hear me?" You do not want your voice saying "yes" to be recorded, ever.

  2. If you receive a recorded call that suggests pressing a number on your dial pad to hang up, hang up without pressing that number. Pressing it would identify you as a live person and put you on a list for other scam activities.

  3. Consider registering all of your telephone numbers in the National Do Not Call Registry as a means to avoid scams or robocalls.

  4. A more stringent solution for phone calls is to block callers you don't know. Smartphones may have a feature that silences calls from numbers you do not recognize, that is, numbers not in the Contacts app on your phone.

  5. Phones are used for two-factor authentication (2FA), typically via SMS. This is a good feature; however, with your phone number out in the wild from a breach, avoid clicking on hyperlinks in SMS messages in general, and definitely in messages from a phone number you do not recognize. Such a message is most likely a phishing scam targeting you.

  6. Since your email address is most likely distributed with this breach, follow the same rules for email as for SMS. Even if you receive an email from a financial organization, e.g., PayPal, and everything looks good (the sender's email address, the links in the email), the better approach is to go to your browser and log into your PayPal account.

These minor adjustments in your behavior will go a long way toward avoiding scams, malware, and further extraction of your private information by unknown parties. These methods and rules are all about users computing more intelligently.
