Facebook: 29 Million Accounts Hacked

Facebook: 29 Million Accounts Hacked

Facebook: 29 Million Accounts Hacked

Facebook will also send messages directly to those people affected by the hack.

Nearly 30 million Facebook users' phone numbers and email addresses were accessed by hackers in the biggest security breach in the company's history, Facebook said Friday.

Earlier, Facebook had said that a security breach had affected the accounts of as many as 50 million people.

Facebook has said that 29 million people's personal data was accessed by hackers, 20 million fewer than was originally feared. Still, cybersecurity experts warned that attackers could use stolen information in targeted phishing scams. From there, the hackers leveraged the lists of Facebook friends of originally compromised users to steal their access tokens.

"This kind of information could help thieves create social engineering-based theft programmes, preying on the Facebook hack victims".

The breach could affect users' willingness to use Facebook products.

Still, for users already uneasy about the privacy and security of their Facebook accounts after a year of tumult, the details that hackers did gain access to - gender, relationship status, hometown and other info - might be even more unsettling. "Usually when you're looking at a sophisticated government operation, then a couple of thousand people hacked is a lot, but they usually know who they're going after".

Facebook has said the attackers gained the ability to "seize control" of those user accounts by stealing digital keys the company uses to keep users logged in. The company added that people can check if they were affected by visiting the Facebook Help Center.

Facebook has revealed that millions of email addresses, phone numbers and other personal user information were compromised during a recent security breach.

Facebook noted that the attack did not include its other apps and devices such as Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, payments, third-party apps, or advertising or developer accounts.

Facebook says the FBI is investigating a major security breach of its service, but the company says authorities asked it not to discuss who may be behind the attack.

In a way, this is good news, given that when Facebook previously said it thought as many as 50 million users had been affected.

Facebook said engineers discovered a breach on September 25 and had it patched two days later.

Facebook's lead European Union data regulator, the Irish Data Protection Commissioner, last week opened an investigation into the breach. Instead, Facebook is doing all it can to sweep this under the rug, once again only notifying affected users (full disclosure: I was one of them) with an innocuous link at the top of their News Feed.

"For 1 million people, the attackers did not access any information".

Whodunnit? The social network says the Federal Bureau of Investigation has asked it not to comment on who may have been responsible for the attack while the Feds investigate. The company does note that it is not ruling out "small-scale attacks", either, and is investigating.

Attackers took advantage of a feature in the code, called 'Access Tokens, ' to take over people's accounts.

Related news