Post Content



Facebook recently suffered a significant data breach with hackers gaining access to the accounts of millions Americans.  According to Facebook, hackers exploited a software flaw in the ‘View As’ option (which lets users to see what their profile looks like from the perspective of another user) and were able to steal “access tokens.” Access tokens are what makes it possible for you to remain signed into your social media accounts on your devices.

Facebook has said that they reset the access tokens for accounts and fixed the vulnerability. However, they recently announced that data from 29 million user accounts, including names, email address, phone numbers, birthdates, and even information about where users checked into, was obtained as a result of the intrusion.

Facebook will be notifying those users whose accounts were compromised. In the meantime, it may be a good idea for all consumers to change their passwords and review their privacy settings. Facebook hasn’t said there is a need to do this, but in general, it is good practice to frequently update the passwords for all social media and online accounts, such as banking and utilities.

Interestingly, many people have also been reporting in the days since the announcement of the breach that their account has been hacked, and warning their current friends not to accept a friend request from them. Facebook has said the two are unrelated and that the “hack” is really just a cloning scam.

A cloned Facebook account is when frauds use the information from your current Facebook page (your name, photos, likes) and create a separate account. Usually the scammers then message your friends and ask for personal information or money (we’ve told you about this type of scam before—refresh your memory here:

The message users are receiving reads something along the lines of “I received another friend request from you. You should check your account and forward this so you can warn others.” Any time someone tells you they received a friend request from you that you did not send, be suspicious as it’s very possible that your account was cloned. It sounds scary, but don’t panic. A simple way to check if you might be the victim of Facebook cloning is to search your name (and similar variations of it). If you come across duplicate profiles, report them to Facebook.

Remember, a cloned account doesn’t necessarily mean your account has been hacked and Facebook officials have said there has not been spike in cloned accounts. Use caution when accepting friend requests from people you don’t know and NEVER share personal or financial information on the site. It’s also smart to avoid filling out those quizzes that ask questions such as your favorite pet and mascot in high school as those questions are often used as security questions for financial accounts if you can’t remember your password.

If you have additional questions, contact the Office of Consumer Affairs and Business Regulation by calling our Consumer Hotline at (617) 973-8787, or toll-free in MA at (888) 283-3757, Monday through Friday, from 9 am-4:30 pm. Follow the Office on Facebook and Twitter, @Mass_Consumer. The Baker-Polito Administration’s Office of Consumer Affairs and Business Regulation along with its five agencies work together to achieve two goals: to protect and empower consumers through advocacy and education, and to ensure a fair playing field for Massachusetts businesses. The Office also oversees the state’s vehicular and customized wheelchair Lemon Laws and Arbitration Programs, Data Breach reporting, Home Improvement Contractor Programs and the MA Do Not Call Registry.

Written By:

Recent Posts

Precautions to Take When You Encounter a Romance Scam posted on Feb 10

Precautions to Take When You Encounter a Romance Scam

Every year on February 14th, Valentine’s Day encourages trading gifts, purchasing roses, and special romantic evenings with your partner. It could be the day your sweetheart looks forward to the most in February. Though it may be the most romantic day of the year, you   …Continue Reading Precautions to Take When You Encounter a Romance Scam

Roslindale Homeowners Receive HIC Guaranty Fund Check posted on Jan 31

Roslindale Homeowners Receive HIC Guaranty Fund Check

On Friday, January 24th, the Undersecretary of the Office of Consumer Affairs and Business Regulation, Edward A. Palleschi, presented two Roslindale homeowners with checks from the Home Improvement Contractor (HIC) Guaranty Fund, a fund that is administered by the Office. The homeowners received checks for   …Continue Reading Roslindale Homeowners Receive HIC Guaranty Fund Check

Steps You Can Take During an Auto Recall posted on Jan 27

Steps You Can Take During an Auto Recall

Last week, Toyota announced a recall of 700,000 vehicles due to concerns regarding faulty fuel tanks and engine stalling that could result in crash. This week, the company has announced a recall of an additional 2.9 million vehicles in the United States, citing issues with   …Continue Reading Steps You Can Take During an Auto Recall