Has Your Facebook or Instagram Been Hacked? How to Find Out, and What to Do

There’s a lot of important information sitting in our Facebook and Instagram accounts these days, from baby photos to private messages, that can be used to steal your identity and possibly hack into your bank account. And when there’s a big social-media outage, as there was Tuesday, many people begin to wonder if their information is safe.

It’s always worth checking if you ever suspect something has gone wrong. And it’s pretty easy to do.

Check Facebook to see if you’ve been hacked

Mercifully, Meta, owner of both Facebook and Instagram, has a single site for all your account information (accountscenter.facebook.com and accountscenter.instagram.com bring you to the same page).

From there, click on Password and Security and then Where you’re logged in.

Screenshot showing Meta accounts

Here’s where to start checking your Meta accounts.

Ian Sherr

Meta may already alert you to a new login from an unrecognized device, which you can then mark as correct or not. You can also view all the other devices you’ve logged in from and force them to log out if you choose.

Screenshot showing Meta account security

Here’s where you can see recent login activity.

Ian Sherr

Screenshot showing Meta logins

You’ll be able to see where you’re logged in and identify if that was unauthorized activity.

Ian Sherr

Checking activity and permissions

If you have a Facebook account, click on your account and pick Settings and Privacy. From there, select your Activity log and which Apps and websites you’ve given access to your account.

Screenshot of Facebook settings.

It’s fairly easy to check out your account settings.

Ian Sherr

Screenshot showing Facebook activity log

The Activity Log shows your posts, connections and other ways you’ve been interacting with the site. These should look familiar to you. If not … red flag.

Ian Sherr

Screenshot showing Meta settings

Here’s where you can see the apps and websites you’ve connected to via Facebook.

Ian Sherr

This is important because even though your Facebook or Instagram account may not be hacked, a partner app or website you connected to your account may have been. Checking these lists and keeping an eye on your account’s activity will help make sure nothing else happens to your account.

Keep your account safe

If anything seems fishy, immediately change your password. (In that Accounts Center site, pick Password and security and then Change password.)

If you haven’t already, it’s also smart to enable two-factor authentication, which essentially creates a short-term password that’s sent to your phone anytime you try to log in. It’s not perfect, but it helps.

Meta has a feature in Password and Security called Login alerts that you can turn on as well. Whenever anyone tries to log into your account from an unrecognized device, such as one you haven’t logged in from before, it’ll send you an in-app notification, as well as an email to any of the accounts you have on file.

Screenshot showing Meta login alerts

Ian Sherr

Still think you were hacked?

There’s a common scam that goes around Facebook that people call “hacking” but isn’t. What happens is that an unscrupulous fraudster creates an account that looks like it’s you or a friend, with the same profile photo and everything, and then tries to friend the same people who were friends of the original account. 

There’s no hack here, because the account for the person whose details the hacker copied hasn’t actually been compromised. The truth is that this fraudster is just trying to trick your friends into connecting with the fake account. If Grandma accepts the fake friendship with your name and photo on it, they might be able to convince her to give them money down the line, thinking she’s giving it to the real you.

You can report these people for fraud relatively easily by clicking on the three dots next to their profile name, selecting the report option and then following the on-screen instructions.