Social media giant Facebook said on Friday that it discovered a giant security breach affecting nearly 50 million accounts.
Facebook found the breach on Tuesday and fixed it by Thursday night, the company said. It is currently working with the FBI. Details of what happened are still emerging, and it’s too early to tell the degree of information accessed or whether accounts were misused. Facebook says it does not know who was behind the attacks or where they were based.
In order to fix the breach, Facebook logged 90 million people off of its website — all 50 million who were affected, and another 40 million as a precautionary measure.
MONEY spoke with the Identity Theft Resource Center for advice on what users can do after the hack. Here’s what they said:
Log out, log back in
Log out on all of your devices, to help prevent hackers from accessing your saved data.
Change your password
Changing your password is always a good idea – on any account, because it helps boost security and makes it harder for hackers to guess your login.
Check your payments
While Facebook hasn’t said that any payment card information attached to people’s accounts was compromised or misused, it’s still a good idea to monitor and check for any unknown activity on your account. “It’s something you should be doing anyway,” Identity Theft Resource Center President Eva Velasquez describes.
Think before you post
Be careful of what you post on social media. Even if you’re monitoring privacy settings, remember that systems can be compromised. “If you wouldn’t post it on a billboard outside your house, you shouldn’t post it on social media,” Velasquez says.