
Facebook Password Hack

  • 30-04-2021 8:37am
    #1
    Registered Users, Registered Users 2 Posts: 16


    Hi,

    I have an unusual problem over the past week whereby someone appears to be able to access or is attempting to access my wife’s Facebook account.

    Last Friday my wife got an email notification that someone had logged into her account from an unusual location. Following this she changed her password through Facebook on Safari on her mobile phone.

    She got another email notification on Saturday and again changed her password through Facebook on Safari on her mobile phone.

    She got another email notification on Sunday and again changed her password through Facebook on Safari on her mobile phone. She also enabled 2 factor authentication at this point.

    She got another email notification on Monday plus it was now accompanied by a 2 factor authentication code to her mobile phone (which leads me to believe that whoever is attempting to log in must know her password to get past the first layer of authentication, thus triggering the issuing of the 2 factor authentication code text). At this point we logged into her Facebook account on Chrome through my desktop and there is a ‘logins and logouts’ area where the successful log in attempts (times and IP addresses) are shown. I could see that there was an IP address different to my wife’s which showed a successful log on at the times that she got the notifications on Friday, Saturday and Sunday. Following the enabling of 2 factor authentication there were no further successful log-ins shown on this page within Facebook but still every day this week she has received a 2 factor authentication code text once a day and she has changed her password every day. I don’t understand how she is getting the 2 factor authentication code by text every day without the person who is attempting to log into her account knowing the new password she sets every day.

    I was concerned that her phone was potentially being monitored while the password was being changed (hence compromising it) so on Tuesday we changed the password using my phone over our home wifi. Same 2 factor authentication code was received by text on Wednesday so to eliminate the potential that our home wifi network was being monitored we again changed the password on my phone over 4G with a VPN turned on. As per usual she got the 2 factor authentication code on Thursday which means the password was again compromised. It's baffling as I proved that neither her phone nor our home network was compromised and following us changing her password on my phone over 4G with a VPN turned on she did not use Facebook and the password we set up was never typed in again on any device but somehow the following day she received a 2 factor authentication code by text meaning that somehow her password was obtained.

    I am coming to the conclusion that it may be an issue on Facebook’s side rather than my wife’s side. She only gets one 2 factor authentication code notification per day and at various times ranging from 4am to 13pm; could this be a technical glitch? She has tried contacting Facebook through their ‘something went wrong’ section but they have not reverted and they have no contact us section, email address or phone number. She was next going to report it to the Data Protection Commissioner as a data breach as she can’t get any good of Facebook directly.

    Just to say I am an amateur and have no background in internet security.

    Any thoughts would be appreciated.


Comments

  • Registered Users, Registered Users 2 Posts: 1,514 ✭✭✭MoonUnit75


    Could one of the devices used in your home or mobiles/tablets have a VPN enabled? It could be something as simple as her logging in using Opera for example when someone has the built in VPN enabled. Any device with a VPN enabled obviously will show up as being in a foreign location. Seems unlikely someone is able to guess multiple passwords.


  • Posts: 596 ✭✭✭ [Deleted User]


    This is not a matter for the DPC


  • Registered Users, Registered Users 2 Posts: 16 across2587


    MoonUnit75 wrote: »
    Could one of the devices used in your home or mobiles/tablets have a VPN enabled? It could be something as simple as her logging in using Opera for example when someone has the built in VPN enabled. Any device with a VPN enabled obviously will show up as being in a foreign location. Seems unlikely someone is able to guess multiple passwords.

    Thanks for the response. No, these log-ins are at times when we are asleep or when she is not using Facebook. Additionally my phone is the only phone with a VPN on it.


  • Registered Users, Registered Users 2 Posts: 16 across2587


    This is not a matter for the DPC

    I felt it may be related to the DPC as potentially it is a data breach of her password. If not the DPC, is there any organization that can get a response from Facebook or is there any way to get Facebook to provide support?


  • Posts: 596 ✭✭✭ [Deleted User]


    across2587 wrote: »
    I felt it may be related to the DPC as potentially it is a data breach of her password. If not the DPC, is there any organization that can get a response from Facebook or is there any way to get Facebook to provide support?

    A password is not PII, and it’s not Facebook at issue here.


  • Registered Users, Registered Users 2 Posts: 152 ✭✭Razzen


    2FA doesn't have to get triggered only after a correct login, an incorrect password login should also trigger 2FA.

    Just triggering 2FA after a correct login is in fact a weakness in itself, as it allows for data leakage of the password, which could again be used on other sites that might not have 2FA enabled.
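
The two login designs contrasted in the comment above, as an added example that is not part of the thread and does not describe how Facebook's login works. The account, phone number, class and function names are all constructed for illustration.

```python
import hashlib, hmac, os

# Constructed sample account; every name and value here is hypothetical.
_SALT = os.urandom(16)
def _hash(pw):
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), _SALT, 10_000)
USERS = {"alice": {"pw": _hash("correct horse"), "phone": "+000-constructed"}}

class Login:
    def __init__(self, challenge_on_any_attempt):
        self.challenge_on_any_attempt = challenge_on_any_attempt
        self.sms_sent = []   # stands in for the SMS gateway
        self.pending = {}    # user -> (code, password_was_correct)

    def step1(self, user, password):
        rec = USERS.get(user)
        ok = rec is not None and hmac.compare_digest(rec["pw"], _hash(password))
        # Design A sends a code only when the password is right.
        # Design B sends one for any attempt on an existing account.
        if ok or (self.challenge_on_any_attempt and rec is not None):
            code = f"{int.from_bytes(os.urandom(4), 'big') % 10**6:06d}"
            self.pending[user] = (code, ok)
            self.sms_sent.append((rec["phone"], code))
        if self.challenge_on_any_attempt:
            return "enter code"   # identical reply whatever the password was
        return "enter code" if ok else "wrong password"

    def step2(self, user, code):
        # Both factors are judged together, only after the code is submitted.
        expected, ok = self.pending.pop(user, (None, False))
        return bool(expected) and hmac.compare_digest(expected, code) and ok

def leaks_password_validity(challenge_on_any_attempt):
    """True if step 1 alone lets an observer tell a right password from a wrong one."""
    flow = Login(challenge_on_any_attempt)
    wrong_reply = flow.step1("alice", "guess")
    sms_for_wrong = len(flow.sms_sent)
    right_reply = flow.step1("alice", "correct horse")
    sms_for_right = len(flow.sms_sent) - sms_for_wrong
    return wrong_reply != right_reply or sms_for_wrong != sms_for_right

if __name__ == "__main__":
    print("code only after correct password leaks:", leaks_password_validity(False))
    print("code on any attempt leaks:", leaks_password_validity(True))
```

In the second design a text arriving says only that someone submitted the username, not that the password was right.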

