Post Content



Facebook recently suffered a significant data breach with hackers gaining access to the accounts of millions Americans.  According to Facebook, hackers exploited a software flaw in the ‘View As’ option (which lets users to see what their profile looks like from the perspective of another user) and were able to steal “access tokens.” Access tokens are what makes it possible for you to remain signed into your social media accounts on your devices.

Facebook has said that they reset the access tokens for accounts and fixed the vulnerability. However, they recently announced that data from 29 million user accounts, including names, email address, phone numbers, birthdates, and even information about where users checked into, was obtained as a result of the intrusion.

Facebook will be notifying those users whose accounts were compromised. In the meantime, it may be a good idea for all consumers to change their passwords and review their privacy settings. Facebook hasn’t said there is a need to do this, but in general, it is good practice to frequently update the passwords for all social media and online accounts, such as banking and utilities.

Interestingly, many people have also been reporting in the days since the announcement of the breach that their account has been hacked, and warning their current friends not to accept a friend request from them. Facebook has said the two are unrelated and that the “hack” is really just a cloning scam.

A cloned Facebook account is when frauds use the information from your current Facebook page (your name, photos, likes) and create a separate account. Usually the scammers then message your friends and ask for personal information or money (we’ve told you about this type of scam before—refresh your memory here:

The message users are receiving reads something along the lines of “I received another friend request from you. You should check your account and forward this so you can warn others.” Any time someone tells you they received a friend request from you that you did not send, be suspicious as it’s very possible that your account was cloned. It sounds scary, but don’t panic. A simple way to check if you might be the victim of Facebook cloning is to search your name (and similar variations of it). If you come across duplicate profiles, report them to Facebook.

Remember, a cloned account doesn’t necessarily mean your account has been hacked and Facebook officials have said there has not been spike in cloned accounts. Use caution when accepting friend requests from people you don’t know and NEVER share personal or financial information on the site. It’s also smart to avoid filling out those quizzes that ask questions such as your favorite pet and mascot in high school as those questions are often used as security questions for financial accounts if you can’t remember your password.

If you have additional questions, contact the Office of Consumer Affairs and Business Regulation by calling our Consumer Hotline at (617) 973-8787, or toll-free in MA at (888) 283-3757, Monday through Friday, from 9 am-4:30 pm. Follow the Office on Facebook and Twitter, @Mass_Consumer. The Baker-Polito Administration’s Office of Consumer Affairs and Business Regulation along with its five agencies work together to achieve two goals: to protect and empower consumers through advocacy and education, and to ensure a fair playing field for Massachusetts businesses. The Office also oversees the state’s vehicular and customized wheelchair Lemon Laws and Arbitration Programs, Data Breach reporting, Home Improvement Contractor Programs and the MA Do Not Call Registry.

Written By:

Recent Posts

Sector Specific Relief Grants Available for Small Businesses posted on Jan 12

Sector Specific Relief Grants Available for Small Businesses

If you are a small business owner who has been negatively impacted by the pandemic, more assistance is available through the Commonwealth’s COVID-19 Small Business Grant Program. Funds of close to $700 million dollars will be distributed by Massachusetts Growth Capital Corporation (MGCC) to those   …Continue Reading Sector Specific Relief Grants Available for Small Businesses

T-Mobile Data Breach posted on Jan 11

T-Mobile Data Breach

Calling all T-Mobile customers, your mobile carrier has announced a data breach which might impact you. In a letter posted on their website, T-Mobile said: “Our Cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account.   …Continue Reading T-Mobile Data Breach

Top 10 Worst Products for Massachusetts Consumers of the Year 2020 posted on Jan 6

Top 10 Worst Products for Massachusetts Consumers of the Year 2020

For the second year in a row we invited you to take a jog down memory lane with us as we looked back at the worst consumer products with our “Top 10 Worst Products for Massachusetts Consumers” list. The Office of Consumer Affairs & Business Regulation   …Continue Reading Top 10 Worst Products for Massachusetts Consumers of the Year 2020