Facebook suffered a huge data leak back in 2019, with the personal information of some 533 million social media users published online earlier this month. The sensitive information was leaked for free on a hacking forum, after this sensitive information was previously put up for sale. Details stolen from Facebook include users’ private phone numbers, email addresses and more.
Facebook users from 106 countries were reportedly impacted, with details on over 11 million UK accounts now widely available on a forum for anyone to search and copy. And, following on from this security alert, Facebook is now facing legal action.
Digital Rights Ireland has revealed that they’re beginning “mass action” to sue Facebook over the data leak. To join this legal action, you first need to find out if you’ve been affected by the breach. To do this, you’ll need to head to the haveibeenpwned website to find out if your details have been leaked.
READ MORE: Android warning: Simple mistake could expose your most-used apps
If you are among the millions affected by the data breach then head to the official Digital Rights Ireland website. On this page, you’ll just need to enter your name, e-mail address and phone number.
If your details have been leaked then Digital Rights Ireland said you may be able to claim for compensation. Sadly for those in the UK though, the right to monetary compensation under GDPR rules is for those living in the European Union or European Economic Area.
The UK is no longer part of the EU or EEA.
Digital Rights Ireland said: “If you live in the European Union or European Economic Area, you can seek monetary damages from Facebook. The GDPR (General Data Protection Regulation) gives you the right to monetary compensation where your data protection rights have been breached.”
But aside from monetary compensation, the rights group said there are other worthwhile reasons to join in on the “mass action” lawsuit.
They said: “Compensation is not the only thing that makes this mass action worth joining. It is important to send a message to large data controllers that they must comply with the law and that there is a cost to them if they do not.”
Speaking to Express.co.uk in response to news of this lawsuit being launched, a Facebook spokesperson said: “We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it.
“As LinkedIn and Clubhouse have shown, no company can completely eliminate scraping or prevent data sets like these from appearing. That’s why we devote substantial resources to combat it and will continue to build out our capabilities to help stay ahead of this challenge.”
While discussing the data breach previously, a Facebook spokesperson said the data was scraped due to a vulnerability that was patched in August 2019.
However, Alon Gal, who was the first person to notice the leaked Facebook data being offered for free, said even data from a few years ago could prove to be vital for cybercriminals.
The CTO of security firm Hudson Rock said: “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts”.