Hackers Accessed Data From 29 Million Facebook Users

Two weeks ago, Facebook announced that it discovered a security breach allowing hackers to steal Facebook data from millions of accounts, and today, Facebook shared further data on just what was accessed.

To get the Facebook data, hackers took advantage of a security flaw in the social network's "View As" code, a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that hackers were able to obtain are basically digital keys that allow people to stay logged in to Facebook.


According to Facebook, hackers used a set of accounts that they controlled that were connected to Facebook friends. An automated technique was used to move from account to account, allowing them to collect access tokens in September 2018.

Hackers were able to obtain timeline posts, friend lists, groups, and the names of recent Messenger conversations from an initial 400,000 people. People in this group who were Page admins of a Page that had received a message from someone on Facebook had the content of their messages stolen.

After stealing data from the 400,000 people attacked first, Facebook used their friends list to steal access tokens for approximately 30 million people.

For 15 million people, attackers were able to access name and contact details that include phone number and email address.

For 14 million people, hackers were able to access the same information as well as other data that includes username, gender, location, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places where they checked in, websites, people, Pages they follow, and 15 most recent searches.

An additional 1 million people had their access tokens stolen but no information was obtained.

According to Facebook, people can find out whether or not they were affected through the Facebook Help Center. Over the "coming days," Facebook plans to send customized messages to the 30 million people who were affected to explain what information hackers might have obtained.

The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack."

Top Rated Comments

(View all)
Avatar
27 months ago
And people looked at me crazy when I say I never had a FB account..
Score: 26 Votes (Like | Disagree)
Avatar
27 months ago
This is like the guy that sat on the toilet at 11:59 pm and got off at 12:01 am....Same S*** Different Day.
Score: 18 Votes (Like | Disagree)
Avatar
27 months ago
I'm not sure it's useful to differentiate between hackers stealing your personal data vs Facebook willingly selling it to others. The net effect is the same.
Score: 18 Votes (Like | Disagree)
Avatar
27 months ago

The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.

It's the Russians.

Blaming everything on Russians is the wrong way forward.
Score: 13 Votes (Like | Disagree)
Avatar
27 months ago
Are you #2cool4facebook? Let us know below because we are extremely interested.
Score: 11 Votes (Like | Disagree)
Avatar
27 months ago

The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.

It's the Russians.

Or China, or North Korea, or Iran.

Glad I deleted my account in 2016.
Score: 10 Votes (Like | Disagree)

Top Stories

Apple References Unreleased 2020 16-Inch MacBook Pro in Boot Camp Update

Monday October 26, 2020 8:42 am PDT by
Last week, Apple released an update for Boot Camp, its utility for running Windows on a Mac. While this update would typically be unremarkable, several of our readers noticed that the release notes reference an unreleased 2020 model of the 16-inch MacBook Pro. While this could easily be a mistake, the 16-inch MacBook Pro is nearly a year old, so it is certainly a worthy candidate for a...

MagSafe Charger Only Charges at Full 15W Speeds With Apple's 20W Power Adapter [Updated]

Monday October 26, 2020 3:38 pm PDT by
Alongside the iPhone 12 and 12 Pro models, Apple introduced a new MagSafe charger that attaches to the magnetic ring in the back of the devices, providing up to 15W of charging power, which is double the speed of the 7.5W Qi-based wireless charging maximum. Apple does not provide a power adapter with the $39 MagSafe charger, requiring users to supply their own USB-C compatible option. Apple...

Google Reportedly Pays Apple $8-12 Billion Per Year to be Default iOS Search Engine

Sunday October 25, 2020 2:59 pm PDT by
The United States Justice Department is targeting a lucrative deal between Apple and Google as part of one of the U.S. government's largest antitrust cases, reports The New York Times. On Tuesday, the Justice Department filed an antitrust lawsuit against Google, claiming the Mountain View-based company used anticompetitive and exclusionary practices in the search and advertising markets to ...

After Mocking Apple, Samsung May Remove Power Adapter From Galaxy S21 Box

Tuesday October 27, 2020 4:29 pm PDT by
Samsung's Galaxy S21, coming in 2021, may not include a power adapter or headphones in the box, according to reports from Korean media sites highlighted by SamMobile. Rumors earlier this year also said that Samsung was considering removing these accessories from future smartphone models, but that didn't stop Samsung from mocking Apple for selling the iPhone 12 models without a power adapter...

Report: Apple Silicon iMac Featuring Desktop Class 'A14T' Chip Coming First Half of 2021

Tuesday October 27, 2020 4:14 am PDT by
The first iMac powered by Apple Silicon is set to arrive in the first half of next year and will feature a desktop class "A14T" chip, according to Chinese-language newspaper The China Times. Codenamed "Mt. Jade," Apple's first custom-made desktop processor will be twinned with its first self-developed GPU, codenamed "Lifuka," both of which are being produced using TSMC's 5-nanometer process, ...

iPhone 12 Six-Foot Drop Test Results: Ceramic Shield More Durable But Not Damage Proof

Monday October 26, 2020 5:00 am PDT by
Apple's new iPhone 12 and iPhone 12 Pro feature a new Ceramic Shield screen that Apple says offers 4x better drop performance. To test that claim, Allstate Protection Plans put the two models through a range of breakability tests and recorded the results. In a face down sidewalk drop test at six feet, the iPhone 12 suffered small cracks and scuffed corners and edges, leaving sharp grooves in ...

Bloomberg: New AirPods and AirPods Pro Coming in 2021, AirPods Studio Delayed, Third HomePod Model Also Possible

Monday October 26, 2020 3:34 am PDT by
Apple plans to update its AirPods line next year with two new models including third-generation AirPods and second-generation AirPods Pro, according to a new report from Bloomberg. The Cupertino, California-based technology giant is working on two new models: third-generation entry-level AirPods and the second version of the AirPods Pro earbuds, according to people familiar with the plans. ...

2020 iPad Air vs. iPad Pro: Hands-On Comparison

Tuesday October 27, 2020 3:03 pm PDT by
Apple announced the new 2020 fourth-generation iPad Air in September, but the new tablets just started shipping out to customers last Friday. We picked one up and thought we'd do a hands-on comparison with the iPad Pro, which was last updated in March, because both tablets are about as powerful and share many similarities. Subscribe to the MacRumors YouTube channel for more videos. Design and ...

iPhone 12 Ceramic Shield Still 'Scratches at Level 6 With Deeper Grooves at Level 7' in Mohs Hardness Test

Wednesday October 28, 2020 7:10 am PDT by
iPhone 12 and iPhone 12 Pro models feature a new Ceramic Shield front cover that is "tougher than any smartphone glass," according to Apple, but the displays on the devices still have similar scratch resistance as previous iPhones based on a new test. Zack Nelson today shared his much-anticipated iPhone 12 Pro durability test on his YouTube channel JerryRigEverything, and based on the Mohs...

Apple Files Mystery 'Personal Computer' With Placeholder 'B2002' Name in Bluetooth Product Database

Tuesday October 27, 2020 12:36 pm PDT by
Last week, a listing appeared in the Bluetooth product database for an Apple product with a placeholder name "B2002" and a model number of "TBD." MacRumors was alerted to the listing by health and fitness tech website MyHealthyApple. The product is filed under the "personal computer" category, which Apple has used for previous Mac and iPad listings in the database, so it is hard to pinpoint...