How to check if your Facebook account was hacked

Daniel Fowler
October 13, 2018

Around 30 million people had their Facebook accounts compromised by hackers and their data potentially stolen last month, the company announced on Friday. When Facebook disclosed the latest breach two weeks ago, CEO Mark Zuckerberg said he didn't know if it allowed attackers to steal users' private data.

Ultimately, they stole sensitive personal information from 14 million accounts, including birth dates, recent search history and the last 10 locations where users were tagged.

"We now know that fewer people were impacted than we originally thought".

Out of those 30 million, hackers accessed name and contact details for half of them, Facebook Vice President of Product Management Guy Rosen said in a blog post Friday.

It said third-party apps and Facebook apps like WhatsApp, Instagram and Messenger were unaffected by the breach.

The hackers stole the tokens for, but did not access the data on, another 1 million accounts. For 15 million, they obtained names, phone numbers, and email addresses, if present in their profiles.

Now, Facebook is revealing more data about the breach to give users (and the media, naturally) a better idea of what happened and how much it affects Facebook users.

The breach has left users more vulnerable to targeted phishing attacks and could deepen their unease about posting to a service whose privacy, moderation and security practices have been called into question by a series of scandals, cybersecurity experts and financial analysts said. Earlier this week the company said it had purged roughly 800 accounts and publishers that were sending out politically-motivated spam about the upcoming USA midterm elections, sparking renewed controversy that Facebook is censoring political speech.

72% of workers want bosses to champion mental health at work
Gaga co-wrote the op-ed with Dr Tedros Adhanom Ghebreyesus, director-general of the World Health Organization (WHO). The theme of the day for this year is "young people and mental health in a changing world".

On Friday, the social-networking firm revealed more details about the attack - and said the Federal Bureau of Investigation had asked it not to reveal who might be behind it.

But a trio of errors in Facebook's software enabled someone accessing the feature to post and browse from Facebook accounts of other users.

Shedding new light on the hack, Mr Rosen said the attackers used an "automated technique" to move from account to account stealing tokens of friends-of-friends, "totalling about 400,000 people".

Even if the attackers had tried to use the tokens, they wouldn't have worked, Rosen said, the reason being that Facebook had invalidated all the stolen tokens on September 28.

A smaller slice of people were more heavily affected.

The attack prompted Facebook to take the unprecedented step of logging out the 50 million users whose accounts were exposed and logged out another 40 million users as a precautionary measure. For 14 million people, the attackers accessed the same two sets of information, as well as other details people had on their profiles.

Rosen said the FBI investigation also limited what he could disclose about what the hackers' end-goal may have been, but maintained that Facebook had "no reason to believe this attack was related to the mid-term elections" in the U.S.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER