Facebook hack nets details of 30-million

Ruben Fields
October 18, 2018

At the time, Facebook vice president of product management Guy Rosen indicated that around 50 million user accounts were exposed by the vulnerability, with another 40 million having been potentially exposed by their use of the "View As" feature.

Still, for users already uneasy about the privacy and security of their Facebook accounts after a year of tumult, the details that hackers did gain access to-gender, relationship status, hometown and other info-might be even more unsettling.

Facebook's engineering team discovered a security issue where attackers exploited a vulnerability in Facebook's code regarding the "View As" feature on the 25th of September. Users can visit the page to immediately find out whether they've been affected by the breach.

Facebook's lead European Union data regulator, the Irish data protection commissioner, last week opened an investigation into the breach.

The attackers then used a portion of the 400,000 people's lists of friends to steal access tokens for about 30 million people.

"Now clearly these episodes tell us that Facebook has not done enough that it should have done for the purposes of protecting the sensitive personal data and personal information of its users".

But all said, Facebook is not getting into the details of breakdown for the accounts hacked of where these users are, but says that the breach was "fairly broad".

Murder charge for grandmother after toddler found in oven
Bolivar County Sheriff Kelvin Williams told NBC News that police have yet to figure out why this heinous act was committed. Jones is jailed on $500,000 bail. 'This is one of the most terrible things I've seen in doing law enforcement.

Regulators around the world have ongoing inquiries into another matter that came to light in March: How profile details from 87 million Facebook users were improperly accessed by political data firm Cambridge Analytica. To put a fine point on it, up 90 million accounts may have been compromised through a bug in Facebook's "access token" system, which is what keeps you logged on despite not opening the app every second of the day.

It's the type of information that people can use in phishing attempts - meaning when scammers lure you into entering passwords or other information on fake websites.

"This attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts", Rosen confirmed.

While hackers used access tokens to fool the site into thinking the login was authorized, there's no indication they had access to Facebook passwords, and it may not be necessary to change them.

"We take these incidents very, very seriously, and nothing is more important to us than the security of people's information", he said.

According to Facebook, the Federal Bureau of Investigation is presently investigating the matter, but directed the company not to discuss about who may be behind the attack. If you allegedly sent out friend requests to people you don't know, or spot messages that you didn't write then alarm bells should be going off.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER