Over the weekend, personal data of upwards of 533 million worldwide Facebook users - including an estimated 1.5 million Irish users - was published online.
The information included phone numbers, Facebook IDs, names, locations, birthdates, and email addresses.
In a statement, the Data Protection Commission (DPC) said: “A dataset, appearing to be sourced from Facebook, has appeared on a hacking website this weekend for free and contains records of 533 million individuals.
“A significant number of the users are EU users. Much of the data appears to been data scraped some time ago from Facebook public profiles.”
"Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality.
"Because the scraping took place prior to GDPR, Facebook chose not to notify this as a personal data breach under GDPR."
How to check if your personal data was leaked from Facebook?
A reputable website - haveibeenpwned.com - lets you check whether your email address or mobile number is part of the leak.
- Go to the haveibeenpwned.com website
- Enter your email address or phone number
- *Make sure to input your number in the international phone code format (put 353 before it and drop the zero. Eg 0871234567 = 353871234567)
- The website will then list any data breaches that your email/phone number was included in