How to Check Whether You Are Part of the Breach

There are two methods you can use to check whether your personal Facebook info is all out there for everyone to take advantage of.

The haveibeenpwned.com Method

  1. Visit the page haveibeenpwned.com on either your phone, tablet, or desktop computer. Enter your Facebook-linked email into the text box.
  2. After entering the Facebook-associated email and pressing the “pwned?” button to confirm it, you will see one of two results. The red one informs you that your Facebook account has indeed been breached. The green one informs you that your Facebook account is safe, for now. If you are interested in knowing if this free web service is reliable, its track record is solid. haveibeenpwned.com works by collating leaked database dumps into the wider Internet. Then it takes in the key leaked info, such as breached user emails, into its own database. If there are no user emails to be found as a part of any data breach dumps, it simply reports this as “no pwnage found!”

The Firefox Monitor Method

To double-check your results from haveibeenpwned.com, you can also use the Firefox Monitor security service. This is also a free service working much like the first one. Visit monitor.firefox.com on any device.

  1. Enter your Facebook-linked email address into the text box and press the blue “Check for Breaches” button.
  2. If you are unlucky, you will see a message informing you on how many times your email address appeared in known data breaches.
  3. If you are safe, for now, the message will be the same but show 0 data breach results. From a user interface design standpoint, Firefox Monitor should definitely take a cue from haveibeenpwned.com. If both services report your email as compromised, there are security steps you should definitely implement as soon as possible.

What to Do If Your Facebook Email Has Been Exposed

If you are still not willing to delete your Facebook account or switch to its alternatives, you should definitely change your Facebook’s email password by using a dedicated password manager that will generate a strong password and use 256-bit encryption to store it. If that particular email address is not that important to you, it may be best to simply deactivate/delete it. If that is the case, use this opportunity to switch to a Switzerland-based ProtonMail or other alternative email service for enhanced privacy and security. Most importantly, consider what you are getting out of Facebook and its WhatsApp platform that you wouldn’t get on a superior alternative like Telegram, which continues to evolve day to day.