Thursday, 23 May 2019
Latest news
Main » Facebook reveals details of September data breach affecting 29M users

Facebook reveals details of September data breach affecting 29M users

13 October 2018

Facebook Inc. said that fewer users than it initially thought were impacted by hackers in the largest-ever security breach at the social-media giant two weeks ago, reducing its estimate from 50 million users affected to 30 million.

Perhaps the best news from Facebook is that only 30 million accounts were affected, rather than 50 million it said originally.

Wondering whether you are one of the 29 million Facebook users who had their personal details - including location and search history - stolen by hackers?

An additional 1 million accounts were affected, but hackers didn't get any information from them. For 14 million of those accounts, hackers got even more data, such as hometown, birthdate, the last 10 places they checked into or 15 most recent searches. For one million users, their accounts were hacked but no data was stolen.

If your account was accessed, Facebook will list what information the hackers obtained.

Initial worries that the token pilfering might have led to the compromise of third-party apps implementing Facebook Login turn out to be completely unfounded. USA federal investigators and the Securities and Exchange Commission are also investigating the social media giant's response to revelations that political consultancy Cambridge Analytica improperly collected information from millions of Facebook accounts. But, if you are anxious whether you are one of the impacted users, here is how to confirm in a few simple steps.

According to Facebook, the Federal Bureau of Investigation requested the company to not disclose who might be behind the attack.

Facebook Newsroom
Facebook Newsroom

"The attackers already controlled a set of accounts, which were connected to Facebook friends".

On Friday, the data gathering biz said a mere 30 million people were robbed of their authentication tokens.

The synergy between three separate software bugs allowed the miscreants to misuse Facebook's View As feature - which lets users to see their accounts as someone else would - to steal the access tokens associated with the viewed account. Facebook will also send messages directly to those people affected by the hack. But, during a call with reporters on Friday, Facebook's VP of Product Management Guy Rosen, said that the company has "no reason to believe this specific attack was related to the midterms".

In the tech world, the term "access tokens" refers to digital keys that keep people logged in to sites so they don't need to re-enter their password every time they want to use an app or website.

Facebook did not rule out the possibility of smaller-scale attacks and said it would continue to investigate.

Facebook has said it will not provide identity fraud protection for the victims of its latest data breach.

Facebook reveals details of September data breach affecting 29M users