Facebook has responded to reports about its massive data breach—although not the way many users expected.
The company is not planning to inform the 533 million users that they’re included in the list. This was confirmed by a Facebook spokesperson to Reuters today, April 8.
The Facebook spokesman said that they are not doing it for three reasons: it is unclear if they have full visibility on which users would need to be notified, the data is already publicly available, and, lastly, users will not be able to fix the issue.
This exposed data was obtained through the misuse of a feature before 2019 and recently made public in a database. According to Business Insider, it includes personal information of users—phone numbers, birth dates, and email addresses, among others— from 106 countries.
On April 6, Facebook wrote on its blog post that it “believes” the data was “scraped from people’s Facebook profiles by malicious actors using our contact importer” before September 2019. The scraped information did not include financial information, health information or passwords, they said.
If you would like to know if your personal information was leaked online, you can check it on Have I Been Pwned, a well-known site that tracks data breaches. All you have to do is supply your email address or phone number, then the site will show you breaches in which your data may have been compromised.
If you are indeed part of a breach, you can prevent it from happening again by changing your password on those compromised sites, use a password manager that helps you create unique passwords, or use two-factor authentication for added security.