Get more Mail & Guardian
Subscribe or Login

Facebook users can use phone numbers to check if their data was breached

South Africans can use their phone numbers to see if their Facebook data has been breached. The platform Have I Been Pwned enables you to determine whether your data has been breached in the latest data scraping of more than 500-million Facebook users. 

The safety of one’s personal information on social media platforms has come under renewed scrutiny after data of more than 530-million Facebook users was made publicly available on an unsecured database. 

Facebook Inc. quickly responded with a statement assuring account holders that they have not been hacked, and that the incident dates back to 2019.

“It is important to understand that malicious actors obtained this data not through hacking our systems but by scraping it from our platform prior to September 2019. Scraping is a common tactic that often relies on automated software to lift public information from the internet that can end up being distributed in online forums,” the Facebook statement said.

But how do you know if your data had been scraped from Facebook in 2019 and now floats somewhere in cyberspace? The recent data leak of over half a billion accounts has only some two million email addresses attached to it. All the rest of the breached accounts have only been linked by their phone numbers. 

Since the inception of Have I Been Pwned in 2013, users could search across multiple data breaches to see if their data has been compromised. However this was only possible using your email address. 

Australian tech expert and creator of Have I Been Pwned, Troy Hunt, quickly jumped to solve this problem.

With the latest adjustments in the last few days, the platform now can verify whether you have been breached by using your phone number. The ability to use a phone number instead of only an email address provides a more accurate confirmation of whether an individuals’ data has been breached or not. However, this functionality is limited to only the recent Facebook breach and not other known breaches. 

It is unclear how many South Africans’ phone numbers and names were compromised in the Facebook data breach. This is because South Africa has been grouped with the entire African continent and not as an individual country.  

Hunt assures users it is not necessary to change any passwords, as no passwords have been compromised. 

According to Hunt, victims do not have to be worried, but rather be aware of especially spam and phishing attacks that might occur in the near future.

Phishing is a technique used by fraudsters to obtain private data by pretending to be a legitimate organisation such as a bank.

“For the vast majority of people, the risk is solely a matching of a phone number to a name. So what could go wrong? Well, the most likely scenarios are it might be used for spam, and phishing, and very generic phishing as well. What I mean by generic as opposed to targeted is that if you really want to find someone’s phone number, there are lots of ways to do it,” explains Hunt.

In the same breath, Hunt adds that even before the half-billion Facebook leaks, we were already subject to cyber attacks. “Even before the Facebook incident, I received a lot of spam and phishing attacks. We need to be aware that there’s more information out there circulating now. We will probably see more spam and more phishing attacks as a result,” says Hunt. 

To check whether your account was one of those breached, you can visit

Subscribe to the M&G

Thanks for enjoying the Mail & Guardian, we’re proud of our 36 year history, throughout which we have delivered to readers the most important, unbiased stories in South Africa. Good journalism costs, though, and right from our very first edition we’ve relied on reader subscriptions to protect our independence.

Digital subscribers get access to all of our award-winning journalism, including premium features, as well as exclusive events, newsletters, webinars and the cryptic crossword. Click here to find out how to join them and receive a 40% discount on our annual rate..

Eunice Stoltz
Eunice Stoltz is a junior daily news reporter at the Mail & Guardian. She was previously a freelance journalist and a broadcaster at Maroela Media and Smile90.4FM.

Related stories


Subscribers only

Wild garlic harvesters back in court

Healers say the plant is part of their heritage, but officials counter that it is a protected species

Oil boom may be the industry’s last hurrah

Biggest players in the game show signs of recovery but a low-carbon future may threaten fossil fuel

More top stories

Wildlife owners may target state

South Africa has about 350 facilities with 8 000 to 12 000 lions bred in captivity for commercial use in cub petting, canned hunting and the lion bone and other body parts trade.

Noise pollution affects plants and their pollinators

A study of piñon and juniper show that regular exposure to loud sounds affect plants’ growth while birds dispersing seeds move away

EU-banned pesticides are harming farmworkers in SA

The department does not even have a list of registered pesticides, a damning report finds

Namibian court rejects couple’s appeal to bring their babies home

A same-sex couple’s struggle to have their children via surrogacy granted citizenship in Namibia, where marriage between men is not yet legal, is being stonewalled at every turn

press releases

Loading latest Press Releases…