Facebook says hackers accessed 29M people's accounts

Facebook says hackers accessed 29M people's accounts

Facebook says hackers accessed 29M people's accounts

"The FBI have asked us not to discuss who may be behind this attack", Guy Rosen, a vice president of product management at Facebook, said on a call with reporters.

And in addition to saying the breach ultimately affected about 30 million users instead of the 50 million it first reported, Facebook said the hack started among 400,000 people closest to the attackers.

Rosen reiterates that people's accounts "have already been secured" by what Facebook did two weeks back when they prompted millions of users to reset the access tokens. Previously, Facebook had said it didn't know what, if any, information was compromised.

Facebook does not believe that hackers obtained any information from the other one million people compromised by the attack, which started on September 14 and which Facebook said it was able to stop on September 27.

Rosen said Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, advertising and developer accounts were not affected. The attackers then used the list of friends they collected to "eventually steal access tokens for about 30 million people".

The hackers - whose identities are still a mystery - accessed the names, phone numbers and email addresses of 15 million users, he said.

The attackers took profile details such as birth dates, employers, education history, religious preference, types of devices used, pages followed and recent searches and location check-ins from 14 million users.

On Friday, the company revealed 14 million users had highly personal information stolen by hackers.

Messages between accounts were not compromised by the hackers, Mr Rosen said on Friday, except if the person was a page admin whose page had received a message.

Facebook isn't giving a breakdown of where these users are, but says the breach was "fairly broad".

Access tokens work as digital keys, letting those who hold them log into Facebook accounts without entering a password.

Users can visit the Facebook "Help Centre", to see whether they were affected and what information was stolen, including the last ten places they checked in, their hometown and last ten searches they made.

If you see anything different, at least you'll know that there's something to be concerned about. It also plans to share steps they can take to protect themselves from suspicious emails, text messages and phone calls.

For Facebook users that are concerned that their data isn't safe, there's a way to tell if it was stolen in the massive hack.

Now, Facebook has released an update on the breach investigation revealing the true number of users affected by the hack. But three errors in Facebook's software enabled someone accessing "view as" to post and browse from the Facebook account of the other user.

One million accounts were affected but hackers didn't gain information. It did not say how many accounts were actually hacked though.

"This doesn't sound very targeted at all", he said. You might truly be surprised by how much data Facebook has on you.

Related news