Facebook has long stressed that they are all about privacy, but one glitch could leave your account wide open for anyone who can type in 10 digits. As long as an old phone number is listed with the account, and know that it’s an old one, even you can hack a Facebook account.
When someone tries to log into your account, they are most likely going to enter the wrong password. When they do, they’ll get a screen that asks if you would like to use your phone to recover the password. If the phone number is an old one and not one the current owner uses, they can let Facebook know, and type in a new number for the recovery information. They might also be able to use that phone number as it is, if they have a cell phone with that number… and you would never know it.
As soon as the hacker gets the recovery information via the new number they entered, they have full access to your account. So, if you get a text that has password information for your Facebook account, it could very well be that someone is trying to hack your account with what they thought was an old cell phone number.
How can you prevent this? Go into your Facebook settings and remove the phone number from your account. You can give Facebook the correct number, or choose to not have a number listed at all. The latter choice is probably the safest, especially if you frequently change phone numbers.