Lundi, 15 Octobre 2018
Latest news
Main » Facebook says attackers stole details from 29 million users

Facebook says attackers stole details from 29 million users

13 Octobre 2018

The 29 million affected users, along with 1 million whose security tokens were taken but did not appear to have their data stolen, will be receiving customized messages from Facebook identifying specifically which types of information on their profiles, if any, were involved in the breach. Particularly distressing is that the hackers accessed the last 15 searches from millions of users, a hodgepodge of text strings that could be embarrassing and revealing.

This was clearly an intentional, malicious theft of user data from Facebook, and some of that data is very granular. Scroll down to a light blue box with the title "Is my Facebook account impacted by this security issue?". For another 14 million people, the attack was potentially more damaging.

Of those 30 million, 29 million had names and emails stolen.

Facebook says it has fixed the vulnerability and has reset the access tokens of all those hacked.

Rosen said the 30 million affected accounts were broadly distributed around the world, but he declined to give a breakdown.

The attackers who carried out the mass hack that Facebook disclosed two weeks ago obtained user account data belonging to as many as 30 million users, the social network said on Friday.

It's safe to say that this recent Facebook access token hack is a complete mess - much more than a simple inconvenience that might have forced you to log back in to your Facebook account on your devices.

For 400,000 of the accounts, which these attackers used to seed the process of gathering login tokens, personal information, such as "posts on their timelines, their lists of friends, Groups they are members of, and the names of recent Messenger conversations" and, in one instance, actual message content, were compromised. First, Facebook is working with agencies including the Federal Bureau of Investigation to find those responsible, second, fewer accounts were actually impacted than thought, and lastly, the firm has set up a help page to show you how you were actually affected.

Facebook is still - with the help of law enforcement agencies - investigating the incident, and in the meantime many people feel as those they are being left in the dark.

Japan's Personal Information Protection Commission (JPPC) has launched an investigation into the social media company, the Nikkei newspaper reported on Friday.

In a press call, Guy Rosen, Facebook's VP of Product Management, said the attackers "moved from account to account using an automated script collecting tokens, repeatedly exploiting the vulnerability using access tokens for about 400,000 people". The hackers had been active for 11 days before Facebook staff noticed something was wrong.

"Facebook should provide all those customers free credit monitoring to make sure the damage is minimized". Facebook will also send messages directly to those people affected by the hack.

Facebook says attackers stole details from 29 million users