We talk about Have I Been Pwned, the website operated by Troy Hunt and which is the best to check if our email has been affected by a hack to a website where we have used it. From today, the web also allows you to check phone numbers based on the hundreds of millions that are in the leaked Facebook database, of which almost 11 million belong to people residing in Spain.
Troy Hunt claims that he had never thought of making phone numbers searchable on his website, since their hacking is less frequent, they are more difficult to automatically process in databases, and their format changes depending on the origin of the hack, where the international code may or may not appear.
However, with the Facebook hack, everything has changed, since there are more than 500 million phone numbers in the leaked database, but there are only a few million email addresses. For this reason, many users are in the hacked database, but since the email did not appear, it was not thought that they could be inside.
In this case, since everything is present in the same database and format, it is easier to process the numbers. Also, two-thirds of Troy Hunt’s followers requested that the phone numbers be included in the search to see if they were among those hacked. Finally, Hunt claims that websites have emerged copying Have I Been Pwned, and for security reasons, it has preferred that users use theirs to prevent others from using the data that users provide for other purposes.
How to check if your phone is on Facebook hack
Thus, now when entering the web, the option to enter the email or phone number appears in the search. The telephone is set up using the international standard E.164, which requires putting the prefix of each country from which the number originates. For example, for a number in Spain of the type 6XXXXXXXX, it will be necessary to put everything together +346XXXXXXXX O 346XXXXXXXX so that it appears in the results, without there being separations, spaces or hyphens, although the search engine itself will eliminate them in the event that we put them.
The database is still being processed, so it may still take a few more hours, or even days, to be available, so it is recommended that you do checks in the next few days once it is all processed and loaded.
With emails, Troy Hunt has a service through which we can subscribe to receive a notification if our email appears in a hack. With telephones, that service is not available, as it would require sending SMS and developing a time-consuming system. Going forward, Hunt says he won’t be adding any new phone numbers unless they are part of a big leak like has happened here.
Facebook has not yet clarified the origin of the hack, nor if it only affects the accounts that put the information as public or if the users who entered their phone for two-step verification are affected, as well as if those numbers belong to WhatsApp or Instagram.