Facebook Breach Hit 30 Million

Facebook- Shutterstock

In late September, Facebook revealed hackers found a security loophole caused by three separate bugs that affected almost 50 million Facebook accounts.

"Now clearly these episodes tell us that Facebook has not done enough that it should have done for the purposes of protecting the sensitive personal data and personal information of its users. We will review the incident carefully and take punitive measures under Korean data laws".

The company stated that of the expected 50 million users, only 30 million users' access tokens were stolen.

Attackers accessed two sets of information on about 15 million users. Then "the attackers used a portion of these 400,000 people's lists of friends to steal access tokens for about 30 million people", said Rosen.

Weeks after announcing that nearly 50 million accounts on its website had been breached, Facebook adjusted the number to 30 million last Friday.

Facebook isn't giving a breakdown of where these users are, but says the breach was "fairly broad". Now it plans to come up with messages to people whose accounts were hacked. For 14 million of them, hackers got even more data, such as hometown, birthdate, the last 10 places they checked into or the 15 most recent searches.

Fortunately, all third-party applications and a range of first-party apps including Messenger, Instagram, WhatsApp and Oculus remain completely unaffected by the breach.

Facebook finally comes clean on the recent hack
Facebook Breach Hit 30 Million

The company says it is now cooperating with the Federal Bureau of Investigation "which is actively investigating and asked us not to discuss who may be behind this attack".

"We have not ruled out the possibility of smaller-scale attacks, which we're continuing to investigate", Rosen also added.

He also noted that people should be aware that their connections on Facebook can leave them open to data harvesting. A login token is assigned to a profile so a user doesn't have to re-enter their password. Its engineers are said to be working closely with the FBI, which has requested it not to share further details so as not to compromise the investigation.

The company said it has fixed the bugs and logged out affected users to reset those digital keys.

Patrick Moorhead, founder of Moor Insights & Strategy, said the breach appeared similar to identity theft breaches that have occurred at companies including Yahoo and Target in 2013.

Guy Rosen, Facebook's vice president of product management, disclosed that the attackers abused a Facebook feature "view as", which enables users to view their own profile like others. "Facebook should provide all those customers free credit monitoring to make sure the damage is minimized".

"This doesn't sound very targeted at all", he said. If you allegedly sent out friend requests to people you don't know, or spot messages that you didn't write then alarm bells should be going off.

Related:

Comments

Latest news

Fans face rain to greet Harry and Meghan on Down Under tour
I guess they weren't too keen on sharing an adjoining door with Kate and Wills ? Unless you're the Duke and Duchess of Sussex . Pupils from Trinity Grammar forgot to remind Prince Harry and Meghan about the loud noise generated by the miniature cars.

Canada Becomes the Second Country to Legalize Recreational Marijuana
At the stroke of midnight on October 17, Canada became only the second country in the world to legalize recreational marijuana. Some are operating government-run stores, some are allowing private retailers, some both.

China punishes blogger for disrespecting national anthem
The NPC changed the criminal law in November to allow those who disrespected the anthem to be jailed for up to three years. Shanghai police said Ms Yang "was disrespectful to the dignity of the national anthem and invited disgust among netizens".

Dodgers Go Ahead 3-2 In NLCS Behind Strong Kershaw Start
He then gave way to Ryan Madson, who allowed back-to-back two-out doubles, with Curtis Granderson's driving in a run. The Dodgers could only muster five hits and struck out 14 times in a game that was largely uncompetitive.

Google reveals that censored Chinese search engine tests are going well
Through interior tests, he said Google discovered it would be capable serve "well more than 99% of inquiries". The team wanted to explore more as they understand that the market and users will take a long-term view.

Other news