- Facebook says 30 million users were affected by a massive hack it first disclosed two weeks ago.
- On Friday, the social networking firm revealed more details about the attack — and said the FBI has asked it not to reveal who might be behind it.
- Hackers acccessed millions of victims‘ highly sensitive personal data, including locations, relationship information, recent searches, birthdates, and more.
30 million people have been affected by a massive hack of Facebook — and the FBI has asked the social networking company not to reveal who might be behind it.
On Friday, Facebook provided more details about an attack on its systems that it first disclosed two weeks ago, and said at the time could affect up to 50 million people.
In its update, Facebook said the company is cooperating wih the FBI, and 30 million people were affected in total — with the attackers gaining access to millions of users‘ highly sensitive data, including location, contact details, relationship status, recent searches, and more.
„We’re cooperating with the FBI, which is actively investigating and asked us not to discuss who may be behind this attack,“ Facebook exec Guy Rosen wrote in a blog post.
„We now know that fewer people were impacted than we originally thought. Of the 50 million people whose access tokens we believed were affected, about 30 million actually had their tokens stolen.“
So what happened? The as-yet unidentified hackers were able to exploit vulnerabilities in Facebook’s code to get their hands on „access tokens“ — essentially, digital keys that give them full access to compromised users‘ accounts.
For 14 million victims, the attackers accessed a trove of user highly sensitive data, including gender, relationship status, religion, hometown, current city, birthdate, devices used to log in, education, locations checked into, pages they follow, and recent searches, name and contact details.
For another 15 million, the hackers accessed less information — only name and contact details.
And for one million affected users, the hackers did not access any information.
This story is developing…
Got a tip? Contact this reporter via Signal or WhatsApp at +1 (650) 636-6268 using a non-work phone, email at email@example.com, WeChat at robaeprice, or Twitter DM at @robaeprice. (PR pitches by email only, please.) You can also contact Business Insider securely via SecureDrop.
Source: Business insider