Statement: Consumers need to go on defense after Facebook data breach

Users should watch out for fraudulent phone calls, text and emails

US PIRG Education Fund

MENLO PARK, CA — Facebook users need to be extra vigilant in the weeks and months ahead because identity thieves could use information from their accounts to try and commit fraud.

Reports emerged Saturday that a hacker published data from more than 533 million Facebook users from 106 countries, including 32 million Americans. The compromised data includes full names, phone numbers, Facebook IDs, birthdates, bios, locations and, in some cases, email addresses, according to Business Insider.

In response, Teresa Murray, U.S. PIRG Education Fund Consumer Watchdog, issued the following statement: 

“Consumers provide personal information to companies, and trust them to safeguard it. This is another unfortunate example of that trust being violated.

“This serves as another important reminder that consumers must always be vigilant about identity thieves who may call, text or email victims and try to trick them into providing more information. Frequently, after data breaches, bad guys contact unsuspecting consumers and pose as the company the information came from — Facebook, in this case — and try to con them into providing their password or credit or debit card numbers. Or scam artists may pose as other types of legitimate businesses, including banks, credit card issuers or online retailers. 

“For consumers who give personal information to just about any company, especially a social media company, it’s not a matter of if, but when the data gets compromised. Names, along with phone numbers, birthdates and email addresses are a dangerous combination in the hands of identity thieves.

“Besides being on guard for suspicious phone calls, emails or texts, consumers should check whether they’ve used information that can be found on their Facebook profiles as the answers to secret questions for financial accounts, such as their high school mascot or name of their pet. Consumers should also realize the stolen information could be even more dangerous when combined with information from past data breaches, such as the Equifax breach of 2017, which disclosed Social Security numbers, dates of birth and other information for half of the U.S. adult population.”

Facebook users should also strongly consider putting a freeze on their credit files with the major credit bureaus. It’s free by law to freeze and thaw. You should be able to do it in less than 20 minutes total. Check out our step-by-step guide. To do it by phone: Equifax, 800-685-1111; TransUnion, 888-909-8872; and Experian, 888-397-3742. Freezes prevent someone not only from opening credit accounts in your name, but also block someone from fraudulently creating online accounts with the IRS and Social Security Administration.

For other advice on coping with the Facebook data breach, see U.S. PIRG’s list of consumer tips.