
Facebook Password Hack

  • #1
    Registered Users Posts: 16 ✭✭✭ across2587


    Hi,

    I have an unusual problem over the past week whereby someone appears to be able to access or is attempting to access my wife’s Facebook account.

    Last Friday my wife got an email notification that someone had logged into her account from an unusual location. Following this she changed her password through Facebook on Safari on her mobile phone.

    She got another email notification on Saturday and again changed her password through Facebook on Safari on her mobile phone.

    She got another email notification on Sunday and again changed her password through Facebook on Safari on her mobile phone. She also enabled 2 factor authentication at this point.

    She got another email notification on Monday plus it was now accompanied by a 2 factor authentication code to her mobile phone (which leads me to believe that whoever is attempting to log in must know her password to get past the first layer of authentication, thus triggering the issuing of the 2 factor authentication code text). At this point we logged into her Facebook account on Chrome through my desktop and there is a ‘logins and logouts’ area where the successful log in attempts (times and IP addresses) are shown. I could see that there was an IP address different to my wife’s which showed a successful log on at the times that she got the notifications on Friday, Saturday and Sunday. Following the enabling of 2 factor authentication there were no further successful log-ins shown on this page within Facebook but still every day this week she has received a 2 factor authentication code text once a day and she has changed her password every day. I don’t understand how she is getting the 2 factor authentication code by text every day without the person who is attempting to log into her account knowing the new password she sets every day.

    I was concerned that her phone was potentially being monitored while the password was being changed (hence compromising it) so on Tuesday we changed the password using my phone over our home wifi. Same 2 factor authentication code was received by text on Wednesday so to eliminate the potential that our home wifi network was being monitored we again changed the password on my phone over 4G with a VPN turned on. As per usual she got the 2 factor authentication code on Thursday which means the password was again compromised. It’s baffling as I proved that neither her phone nor our home network was compromised and following us changing her password on my phone over 4G with a VPN turned on she did not use Facebook and the password we set up was never typed in again on any device but somehow the following day she received a 2 factor authentication code by text meaning that somehow her password was obtained.

    I am coming to the conclusion that it may be an issue on Facebook’s side rather than my wife’s side. She only gets one 2 factor authentication code notification per day and at various times ranging from 4am to 13pm; could this be a technical glitch? She has tried contacting Facebook through their ‘something went wrong’ section but they have not reverted and they have no contact us section, email address or phone number. She was next going to report it to the Data Protection Commissioner as a data breach as she can’t get any good of Facebook directly.

    Just to say I am an amateur and have no background in internet security.

    Any thoughts would be appreciated.


Comments



  • Could one of the devices used in your home or mobiles/tablets have a VPN enabled? It could be something as simple as her logging in using Opera for example when someone has the built in VPN enabled. Any device with a VPN enabled obviously will show up as being in a foreign location. Seems unlikely someone is able to guess multiple passwords.




  • This is not a matter for the DPC




  • MoonUnit75 wrote: »
    Could one of the devices used in your home or mobiles/tablets have a VPN enabled? It could be something as simple as her logging in using Opera for example when someone has the built in VPN enabled. Any device with a VPN enabled obviously will show up as being in a foreign location. Seems unlikely someone is able to guess multiple passwords.

    Thanks for the response. No, these log-ins are at times when we are asleep or when she is not using Facebook. Additionally my phone is the only phone with a VPN on it.




  • This is not a matter for the DPC

    I felt it may be related to the DPC as potentially it is a data breach of her password. If not the DPC, is there any organization that can get a response from Facebook or is there any way to get Facebook to provide support?




  • across2587 wrote: »
    I felt it may be related to the DPC as potentially it is a data breach of her password. If not the DPC, is there any organization that can get a response from Facebook or is there any way to get Facebook to provide support?

    A password is not PII, and it’s not Facebook at issue here.




  • 2FA doesn't have to get triggered only after a correct login; an incorrect password login should also trigger 2FA.

    Just triggering 2FA after a correct login is in fact a weakness in itself, as it allows for data leakage of the password, which could again be used on other sites that might not have 2FA enabled.
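
The design point made in the comment above, as an added example that is not part of the original thread and is not Facebook's code: a login flow that issues the 2FA challenge only after a correct password gives a different first-step response for right and wrong passwords, while a flow that always moves to the code step and judges both factors together does not. The class names, the user `alice`, the password and the in-memory "SMS gateway" are all constructed for the illustration.

```python
import hashlib, hmac, secrets

# Constructed account store for the demo (hypothetical user and password).
SALT = b"demo-salt"
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 10_000)}

def password_ok(user, password):
    stored = USERS.get(user, b"\0" * 32)  # dummy hash so unknown users cost the same work
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)
    return hmac.compare_digest(stored, candidate) and user in USERS

class LeakyLogin:
    """Issues the 2FA challenge only after a correct password."""
    def __init__(self):
        self.sent_codes = []              # stands in for the SMS gateway

    def start(self, user, password):
        if not password_ok(user, password):
            return "invalid_credentials"  # observable difference: password was wrong
        self.sent_codes.append((user, f"{secrets.randbelow(10**6):06d}"))
        return "enter_code"

class UniformLogin:
    """Always moves to the code step; both factors are judged together at the end."""
    def __init__(self):
        self.sent_codes = []
        self.pending = {}                 # session id -> (password_was_ok, code)

    def start(self, user, password):
        code = f"{secrets.randbelow(10**6):06d}"
        sid = secrets.token_hex(8)
        self.pending[sid] = (password_ok(user, password), code)
        self.sent_codes.append((user, code))
        return "enter_code", sid

    def finish(self, sid, code):
        pw_ok, expected = self.pending.pop(sid, (False, ""))
        return pw_ok and hmac.compare_digest(code, expected)

def first_step_reveals_password(flow_cls):
    """True if the first-step status differs between a right and a wrong password."""
    status = lambda r: r if isinstance(r, str) else r[0]
    good = flow_cls().start("alice", "correct horse")
    bad = flow_cls().start("alice", "wrong guess")
    return status(good) != status(bad)
```

In the uniform flow a wrong password still produces a code text to the account owner, so a daily code on its own does not show that the new password is known to whoever is trying to log in.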

