Apple's colorful mainstream flagship, starting at $749.
Hackers Accessed Data From 29 Million Facebook Users
Two weeks ago, Facebook announced that it discovered a security breach allowing hackers to steal Facebook data from millions of accounts, and today, Facebook shared further data on just what was accessed.
To get the Facebook data, hackers took advantage of a security flaw in the social network's "View As" code, a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that hackers were able to obtain are basically digital keys that allow people to stay logged in to Facebook.
According to Facebook, hackers used a set of accounts that they controlled that were connected to Facebook friends. An automated technique was used to move from account to account, allowing them to collect access tokens in September 2018.
Hackers were able to obtain timeline posts, friend lists, groups, and the names of recent Messenger conversations from an initial 400,000 people. People in this group who were Page admins of a Page that had received a message from someone on Facebook had the content of their messages stolen.
After stealing data from the 400,000 people attacked first, Facebook used their friends list to steal access tokens for approximately 30 million people.
For 15 million people, attackers were able to access name and contact details that include phone number and email address.
For 14 million people, hackers were able to access the same information as well as other data that includes username, gender, location, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places where they checked in, websites, people, Pages they follow, and 15 most recent searches.
An additional 1 million people had their access tokens stolen but no information was obtained.
According to Facebook, people can find out whether or not they were affected through the Facebook Help Center. Over the "coming days," Facebook plans to send customized messages to the 30 million people who were affected to explain what information hackers might have obtained.
The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack."
To get the Facebook data, hackers took advantage of a security flaw in the social network's "View As" code, a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that hackers were able to obtain are basically digital keys that allow people to stay logged in to Facebook.
According to Facebook, hackers used a set of accounts that they controlled that were connected to Facebook friends. An automated technique was used to move from account to account, allowing them to collect access tokens in September 2018.
Hackers were able to obtain timeline posts, friend lists, groups, and the names of recent Messenger conversations from an initial 400,000 people. People in this group who were Page admins of a Page that had received a message from someone on Facebook had the content of their messages stolen.
After stealing data from the 400,000 people attacked first, Facebook used their friends list to steal access tokens for approximately 30 million people.
For 15 million people, attackers were able to access name and contact details that include phone number and email address.
For 14 million people, hackers were able to access the same information as well as other data that includes username, gender, location, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places where they checked in, websites, people, Pages they follow, and 15 most recent searches.
An additional 1 million people had their access tokens stolen but no information was obtained.
According to Facebook, people can find out whether or not they were affected through the Facebook Help Center. Over the "coming days," Facebook plans to send customized messages to the 30 million people who were affected to explain what information hackers might have obtained.
The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack."
Tag: Facebook
[ 77 comments ]
Top Rated Comments
(View all)
5 days ago at 11:19 am
And people looked at me crazy when I say I never had a FB account..
5 days ago at 11:21 am
I'm not sure it's useful to differentiate between hackers stealing your personal data vs Facebook willingly selling it to others. The net effect is the same.
5 days ago at 11:18 am
This is like the guy that sat on the toilet at 11:59 pm and got off at 12:01 am....Same S*** Different Day.
5 days ago at 11:34 am
The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.
It's the Russians.
5 days ago at 11:20 am
Are you #2cool4facebook? Let us know below because we are extremely interested.
5 days ago at 11:39 am
The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.
It's the Russians.
Glad I deleted my account in 2016.
5 days ago at 11:20 am
Let’s see how long it takes this number to balloon to over 100 million.
5 days ago at 11:45 am
It's astounding that people are so willing to give so much personal data to a company.
This 1000%..People need to realize that everytime you check or submit info to these sites; you are pretty much walking into a store and giving whoever is behind the counter your personal information in return for use of their services.
Just imagine walking into a store and the person behind the counter saying; Hi, in order to proceed, please let me know your gender, relationship status and whom you're involved with, your closest circle of friends, interests, political interests, religion, location data, your career field, your employer, and also please submit photos of yourself, pets, friends, and family in order to proceed.
What would you do? How would that make you feel?
5 days ago at 11:40 am
It's astounding that people are so willing to give so much personal data to a company.
[ Read All Comments ]
Apple today announced expanded features for App Store bundles, introducing support for both Mac apps and free apps with subscriptions for the first time.
Mac app developers are now able to...
Earlier this year, Signify (formerly Philips) debuted a new range of outdoor Hue lighting products that are designed to bring the iPhone-controlled multi-colored lights that you're used to using...
Apple's 2018 15-inch MacBook Pro with Touch Bar (2.2 GHz, 16GB RAM, 256GB HD) is receiving a discount at a few online retailers this week, marked down to $2,199.99 from $2,399.99 on...
In March, Lyft began testing a monthly subscription plan for select high-frequency users, and today the company announced that a version of this plan will now be available to everyone in the United...
Apple has announced the reopening of its Shibuya retail store in Tokyo on Friday, October 26 – the same day as the launch of iPhone XR – following renovation that began almost a year ago.
The...
All of Apple's Macs come with Preview, the powerful file viewer that's built into macOS. Preview is the default app that opens up whenever you double-click an image or a PDF, and features...
Libratone today announced that AirPlay 2 is available for its ZIPP and ZIPP MINI speakers through a firmware update that can be downloaded from the Libratone app.
Libratone first announced...
Apple today announced on its WebKit blog that it is ending support for TLS 1.0 and 1.1 starting in March 2020. TLS, or Transport Layer Security, is a security protocol used to protect web traffic.
...
