Hackers accessed intimate information of 14 million Facebook users

Hackers accessed data of 29 million Facebook users

Hackers accessed data of 29 million Facebook users

The new details come two weeks after Facebook first announced that attackers had access to 50 million users' accounts - meaning they could have logged in as those users.

The hackers stole name and contact details for 29 million users, and took data including birth dates, employers, education and lists of friends from around 14 million users.

Facebook says the FBI is investigating a major security breach of its service, but the company says authorities asked it not to discuss who may be behind the attack.

Facebook originally had said in late September hackers stole digital login codes to take over almost 50 million user accounts.

In Europe, Facebook could face a potential fine of up to $1.63bn (£1.25bn), which is approximately 4% of its annual global revenue.

Facebook isn't giving a breakdown of where these users are, but says the breach was "fairly broad".

Access tokens work as digital keys, letting those who hold them log into Facebook accounts without entering a password.

This was clearly an intentional, malicious theft of user data from Facebook, and some of that data is very granular.

Brett Kavanaugh ‘a victim of lies and deception’
Democrats have said that an FBI investigation into the allegations that Trump ordered was too limited in scope to be useful. Trump continued: "And with that I must state that you, sir, under historic scrutiny, were proven innocent".

Using these initial accounts, the attacker used a bug in Facebook's code relating to a the "View As" feature to access the profiles of friends, which it believes existed since July a year ago.

Facebook said it plans to send messages to users whose accounts were hacked.

For those that had no idea that this happened, essentially hackers abused a security hole in the "View As" feature on your profile that let you check whether your profile had private information visible to other people, friends, or the general public. But the software bugs made user information vulnerable from July 2017 to September 2018.

The good news is this attack was just restricted to Facebook and didn't affect any other services including Instagram, WhatsApp, Messager Kids, etc.

"Today's update from Facebook is significant now that it is confirmed that the data of millions of users was taken by the perpetrators of the attack", Ireland's Data Protection Commission said in a statement on Friday.

"The resources we are pointing people toward are based on the actual types of data accessed - including the steps they can take to help protect themselves from suspicious emails, text messages, or calls", the spokeswoman said.

"There's not much more that Facebook can do", said Michael Pachter, an analyst with Wedbush Securities. Another 15 million people had information like names, phone numbers and email addresses pilfered. Up to 90 million people were logged out of their accounts and had those tokens reset as a result of the bug's discovery.

The company does note that it is not ruling out "small-scale attacks", either, and is investigating.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.