Facebook says hackers accessed 29M people's accounts

Compartir

Facebook's lead European Union data regulator, the Irish data protection commissioner, last week opened an investigation into the breach.

Security experts have said Facebook's initial breach disclosure arrived earlier than it likely would have prior to the enactment in May of the European Union's General Data Protection Regulation, which mandates notification within 72 hours of learning of a compromise. The company is also not ruling out the possibility of "smaller-scale" attacks and they are still investigating those.

Based on what we've learned so far, your Facebook account has not been impacted by this security incident. For those 400 000, the attackers could see what the users see as they look at their own profiles. Originally Facebook said 50 million accounts were affected, but that it didn't know if they had been misused.

The company says sensitive information like passwords or financial data was not affected.

"We don't have a specific indication of the intention of the attackers". We saw an unusual spike of activity that began on September 14, 2018, and we started an investigation.

It determined that it was an attack on September 25. "They were [doing] that in order to get the access tokens for those people's friends". As a precaution, we also turned off "View As".

"I feel like we've let people down and that feels awful", Zuckerberg told the New Yorker in a September piece.

Breaking into accounts News of the hack emerged on 5 October when Facebook said it feared 50m users had been affected.

Florida's first flu death of the season is a child
Symptoms of the flu start suddenly and include fever that lasts 3-4 days, body aches, chills, tiredness, cough, and headache. The state defines an "outbreak" in a school as "three or more epidemiologically linked cases" of flu or a flu-like disease.

The vulnerability has now been fixed, but not before the attackers used an automated technique to move from account to account so they could steal the access tokens of users, their friends, friends of their friends, and so on, totalling about 400,000 people.

They had access to the information posted on the wall, groups, names of conversations and friends lists. "If a person in this group was a Page admin whose Page had received a message from someone on Facebook, the content of that message was available to the attackers", it added.

The hackers - whose identities are still a mystery - accessed the names, phone numbers, and email addresses of 15 million users, he said.

For 14 million other users, the attack was likely much more damaging. In addition, it was possible to access the basic information of 29 million profiles in the social network.

For 1 million hacked accounts, no information was retrieved.

For the other 15 million users, the breach was restricted to name and contact details.

While nothing is known about who is responsible for the hacking, Facebook can hazard a pretty good guess about whether or not you were hacked.

Compartir