Facebook has released more details on the recent breach, and it's a mix of good and bad news. The good news is that fewer users were attacked than originally estimated; the bad news is that hackers were able to steal data during the breach.
In a blog post, Facebook's VP of Product Management, Guy Rosen, revealed that the company has been going through its systems round the clock to figure out more about the attack that happened two weeks back. As we reported earlier, hackers used Security Tokens to access profiles of over 50 million users. For those who don't know, Security Tokens or access tokens are digital encryption keys that are unique to an account and are stored to keep the user logged in so they don't have to enter passwords all the time.
Facebook identified a spike in activity on September 14, 2018, which led them to launch an internal investigation. The company found out about the attack on September 25, and it took them two days to close the vulnerability by resetting the access tokens for people who were potentially exposed. After that, Facebook followed the proper procedure and notified the FBI about the attack, and it is working with other law enforcement agencies to find the people behind the attack.
> We saw an unusual spike of activity that began on September 14, 2018, and we started an investigation. On September 25, we determined this was actually an attack and identified the vulnerability. Within two days, we closed the vulnerability, stopped the attack, and secured people’s accounts by resetting the access tokens for people who were potentially exposed. As a precaution, we also turned off “View As.”
Facebook first confirmed that 50 million users were affected by the hack but has now settled on 30 million as the final number. Moreover, Facebook has now confirmed that hackers did actually steal data of over 29 million users. Facebook also provided a list of the kinds of data that were stolen or used by hackers during the breach:
- Contact Details (phone number, email, or both)
- Relationship status
- Self-reported current city
- Device types used to access Facebook
- The last 10 places they checked into or were tagged in
- People or Pages they follow
- The 15 most recent searches
Facebook has divided the 30 million affected users into two categories: the first category has 15 million users who had just their name and contact details stolen, the second category has 14 million users who had their name and contact number stolen along with all the above-mentioned details, and the third category has 1 million users whose data was not accessed.
Facebook has set up a link where people can go and check if they were affected. Not only that, the company will send a message to the 30 million people affected to explain what information the attackers might have accessed, as well as steps they can take to help protect themselves, including from suspicious emails, text messages, or calls.
The good news is that this attack was restricted to Facebook and didn't affect any other services, including Instagram, WhatsApp, Messenger Kids, etc. For now, the company is working with both US and international authorities to identify the hackers and take the necessary steps.