Emerging Threats

267 Million Facebook Users May Have Had Personal Information Exposed Online

More than 267 million Facebook users may have had their personal data exposed in an online database, cybersecurity researchers said December 19.

Here’s what information was exposed:

  • Names
  • Facebook IDs
  • Phone numbers

The risk for affected Facebook users? Cybercriminals could use the information for spam messaging, phishing email, identity theft, or other nefarious purposes.

Most of the people affected are U.S. Facebook users.

Who could have accessed the Facebook data?

The data was posted to an online forum for hackers, according to Bob Diachenko, the data security researcher who found the unprotected database, and Comparitech, a tech website. The database required no password for about two weeks.

Facebook said the database is no longer available.

What should I do if my information was exposed?

Data breaches can increase the possibility of becoming a victim of cybercrime.

The exposure of names, Facebook IDs, and phone numbers could raise a variety of risks.

Here are some steps you can take to help protect yourself.

  • Change your Facebook privacy settings. You can adjust settings, for example, to prevent your profile information from appearing in search results.
  • Watch for spam messaging. Cybercriminals can use your phone number to send messages tied to scams and with links that could infect your device with malicious software.
  • Beware of phishing emails. Fraudsters may use your data to trick you into opening emails or clicking on links that may appear to be legitimate.

Should I consider changes to my social media profiles?

The Facebook data breach may be a reminder to be careful about what you share on social media platforms.

For instance, it’s a good idea to exclude sensitive personal information that could be used in scams or in identity theft.

It’s also smart to read a social platform’s privacy statements. You may be able to avoid having outside parties mine your data.

Cyber threats have evolved, and so have we.

Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.

Try Norton 360 with Lifelock.

Was yours one of the billions of records stolen through breaches in recent years?

Enter your email to find out.

NortonLifeLock does not search all personal information at all criminal websites and may not find all breached data. We use the information you provide in accordance with our privacy policy.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.