Facebook says attackers stole details from 29 million users

Share

Two weeks ago, Facebook announced that 50 million users were affected, with the possibility of an additional 40 million, so the company reset the "access tokens" or digital keys of the 90 million accounts. The feature allows users to see what their profile looks like to someone else, but hackers were able to use it to steal Facebook access tokens and take over people's accounts. The ability to know the search queries, location check-ins, phone numbers, email addresses, and other personal details of so many people gives the attackers the ability to send highly customized emails, texts, and voice calls that may try to trick people into turning over money, passwords, or other high-value information.

Asked whether Facebook would pay for some kind of identity theft monitoring service for affected users - as breached companies often do - a spokeswoman said: "Not at this time".

Initially, Facebook said as many as 50 million people had been affected, though it decreased that number in Friday's update.

File photo from May 1, 2018 pf Facebook CEO Mark Zuckerberg speaking during the annual F8 summit at the San Jose McEnery Convention Center in San Jose, Calif. Facebook says that it isn't sure whether other, "smaller-scale attacks" are involved with this breach. All you have to do is visit this security notice page on Facebook. The attackers then obtained access tokens for about 29 million users who were friends, or friends of friends, of these 400,000 seed accounts.

Manchester United's Paul Pogba
It's the first mistake the club made. "I've never played in the France team to be captain, being here is already a big thing for me".

Hackers could have seen the last four digits of credit card data in people's accounts, with the rest hidden for security, but there was no sign that data was taken, according to Facebook.

Facebook said engineers discovered a breach on September 25 and had it patched two days later. The hackers did not access the information of the remaining one million people.

Facebook's latest vulnerability has existed since July 2017, but the company first identified it in mid-September after spotting a fairly large increase in the use of its "view as" feature. That number has now been reduced to just 30 million, but the amount of data stolen makes it the worst attack in Facebook's history.

"The attackers used a portion of these 400,000 people's lists of friends to steal access tokens for about 30 million people", stated Facebook's blog post.

Tropical Storm Michael Could Turn Into 'Devastating' Hurricane Before It Hits Florida
Swells are expected to begin affecting the coast of the eastern and northern Gulf of Mexico during the next day or so. Tropical storm to hurricane force winds are less than four days away from the United States .

He added that the content from Messenger "was not available to the attackers, with one exception", - if someone was a Page administrator of a Page that "had received a message from someone on Facebook".

"We don't have a specific indication as to the intention of the hackers", said Guy Rosen, Facebook's vice president of product management.

The company does note that it is not ruling out "small-scale attacks", either, and is investigating.

Saudi Arabian Crown Prince Says He Loves Working With Donald Trump
Addressing Saudi Arabia's rift with Canada, he noted that Ottawa "gave an order to Saudi Arabia on an internal issue". So we export as much as two barrels for any barrel that disappeared from Iran recently.

Share