Published: Sat, October 13, 2018
Money | By Armando Alvarado

Facebook says attackers stole details from 29 million users

Facebook says attackers stole details from 29 million users

They do not believe the breach was related to the upcoming midterm elections.

Of those 30 million, 29 million had names and emails stolen.

In Europe, Facebook could face a potential fine of up to $1.63bn (£1.25bn), which is approximately 4% of its annual global revenue. And among those, not everyone suffered data theft as a effect.

Thomas Rid, a professor at the Johns Hopkins University, also said the evidence, particularly the size of the breach, seems to point to a criminal motive rather than a sophisticated state operation, which usually targets fewer people.

Facebook dives into how it tracked down the attack in the first place in the blog post, but ultimately says that 30 million individuals were affected by the breach.

Facebook also stressed that the attack did not affect Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.

For one million of the token deprived, the attackers took no information.

According to Facebook VP of Product Management Guy Rosen, attackers were able to access name and contact information for half of the hacked accounts.

The hack impacted 50 million accounts on the service.

We saw an unusual spike of activity that began on September 14, 2018, and we started an investigation.

Khabib Nurmagomedov's Father Not Happy with His Son's Actions At UFC 229
Not letting a single swing of momentum slip, Khabib mounted Conor, pulling the Irishman's limbs before he somehow made it to his feet.

The company said it is cooperating with an FBI investigation into the security breach and that investigators had requested Facebook not discuss who was behind the attack.

Rosen says the attackers did not access any credit card information associated with members' accounts, and that the company has not received any reports of stolen information being available on the dark web - portions of the internet requiring special software to reach.

The hack, one of the worst in Facebook history, comes at a time when the Menlo Park, California-based social network is desperately trying to regain trust with its users.

The exploit allowed hackers to steal copies of access tokens from accounts of "friends" by using the "view as" feature. The company had initially said 50 million accounts were affected.

"There's not much more that Facebook can do", said Michael Pachter, an analyst with Wedbush Securities.

"People's privacy and security is incredibly important and we're sorry this happened", said Rosen. Facebook will also send messages directly to those people affected by the hack.

"Today's update from Facebook is significant now that it is confirmed that the data of millions of users was taken by the perpetrators of the attack", Ireland's Data Protection Commission said in a statement on Friday.

Nonetheless, Facebook may end up opening the corporate coffers to make things right.

"We'll have to see what Facebook discloses about potential liability if any exists", said Pravin Kothari, CEO of CipherCloud, in an email to The Register.

Like this: