Our group has a closed and private FB page, but we don't post any personal info anyway. Membership rosters with home addresses and phone numbers are distributed via paper. FB is mostly for posting pictures of our activities, quilts we've finished, reminders about meeting dates, times, and places.
We used to have a Yahoo group, but Yahoo was having so many problems with hackers and spoofers, so we moved over to Groups.io.
One of our members got hacked via Yahoo. She received an email saying that she was almost out of space for her photos. She didn't think that was correct, so she clicked the link in the email and logged into her account. Sure enough, she had plenty of space and thought she was fine, until a couple of days later when she couldn't log into her account at all.
The email was a phishing scam. She clicked a link that connected her to a website that looked like Yahoo, but wasn't. As soon as she entered her name and password, the bad guys had access to her account.
Never, never, never click a link in an email!!! If you ever have questions about anything in an email, open a new browser window, manually type in the website address or URL, and log in from there.