Data breach Data on 848,558 Facebook users from Mauritius leaked online

A massive data breach from Facebook is currently making headlines. What's worst about it is that it involves the accounts of hundreds of thousands of Mauritians.

Ish Sookun

1 min read

So, what actually happened here? Let's rewind to a few years back until you remember the Cambridge Analytica scandal. If you can't remember then I suggest you watch the Netflix documentary The Great Hack.

In 2018, a whistleblower named Christopher Wylie exposed how a British consulting firm, Cambridge Analytica, used Facebook's Open Graph platform to harvest data on millions of Facebook users. At that time, not just Cambridge Analytica but anyone could extract data through that platform. Cambridge Analytica came into the limelight only because of what they were doing with the data; we are not going to delve into that. Point being, you should not freak out about whether your Facebook account has been hacked.

After the Cambridge Analytica scandal, Facebook in 2019 brought modifications to its platform to prevent the harvesting of such data.

The data leak that is causing so much noise is an old extract from the Facebook Open Graph platform that dates 2019. The leaked data does not contain information about Facebook accounts created after 2019. It also does not contain passwords. At worst, it might contain your email address and mobile number if your account features in the data leak.

What can you do about it? Nothing. I don't think you are going to change your email address or phone number every time it is shared publicly. Just be cautious about scam attempts. No doubt scammers are going to use this list to find their next victims.

General Advice

Use two-factor authentication with Facebook and change your password frequently (think of it like an underwear, don't use the same for too long, it'll stink).

Complex passwords are good, but short complex passwords are not. The longer the password, the more time will be required for a computer to figure it out.

Instead of having short complex passwords like C0mPL3xP@ss it's better to use longer ones which are easy to remember. Something like maybe the fourth line of the second stanza of your least favorite Sega or Bhojpuri song.