Hackers accessed data of nearly 30 mn Facebook users

Facebook product management vice president Guy Rosen on Friday said the cyber attackers exploited a vulnerability in Facebook''s code that existed between July 2017 and September 2018.

Press Trust of India
Washington, Publish Date: Oct 13 2018 12:45PM | Updated Date: Oct 13 2018 12:45PM
Hackers accessed data of nearly 30 mn Facebook usersFile Photo

Social media giant Facebook, which has its largest user base in India, said that a recent hacking into its system has affected about 30 million users. 

Facebook product management vice president Guy Rosen on Friday said the cyber attackers exploited a vulnerability in Facebook's code that existed between July 2017 and September 2018.

The vulnerability has now been fixed, but not before the attackers used an automated technique to move from account to account so they could steal the access tokens of users, their friends, friends of their friends, and so on, totalling about 400,000 people.

"The attackers used a portion of these 400,000 people's lists of friends to steal access tokens for about 30 million people. For 15 million people, attackers accessed two sets of information, name and contact details -- phone number, email, or both, depending on what people had on their profiles," Rosen said. 

For another 14 million people, the attack was potentially more damaging as the hackers accessed both their name and contact details as well as other details like username, gender, location, language, relationship status, religion, hometown, date of birth, device types used to access Facebook, education, work details, places they have recently "checked in" to as visiting, people or pages they follow and the 15 most recent searches.

For the remaining one million people whose access token were stolen, the attackers did not access any information, Rosen said. 

He said users' accounts have already been secured by the Facebook two weeks ago and they do not need to log out again or change their passwords. 

The attack did not affect Facebook-owned Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, third-party apps, payments, Pages, and advertising or developer accounts, the company said. 

Asserting that Facebook is still looking at other ways the hackers may have used the platform, Rosen said, "People's credit card information would not have been visible to the attackers, as we do not display full credit card numbers -- not even to the account holder." 

"We haven't ruled out the possibility of smaller-scale, low-level access attempts during the time the vulnerability was exposed.  Our investigation into that continues," he said.

Facebook has been cooperating with the FBI, the US Federal Trade Commission, the Irish Data Protection Commission and other authorities.  

"We don't have a specific indication of the intention of the attackers. And as we have said, we are cooperating with the FBI in an active investigation. As part of the information that we will be sharing with users over the coming days, we will be including information as to how they can watch out for any suspicious e-mails or text messages or things of that sort," Rosen said.

Responding to a question, he said, the company will be notifying people through Facebook so that they can understand what information was accessed from their account and which group they were part of.  

"We will also work to contact people who may not be on Facebook any longer," he said. 

Latest News

  1. Forces lay siege to Tral hamlet in south Kashmir, install lights
  2. Forces lay siege to Tral hamlet in south Kashmir, install lights
  1. Woman held with 20 grenades, ammunition on Srinagar outskirts
  2. Woman held with 20 grenades, ammunition on Srinagar outskirts
  1. Militant killed near LoC in Jammu: Army
  2. Militant killed near LoC in Jammu: Army
  1. Basant Rath transferred; Alok Kumar is new IGP Traffic Jammu and Kashmir
  2. Basant Rath transferred; Alok Kumar is new IGP Traffic Jammu and Kashmir
  1. Infiltration bid foiled in north Kashmir, two militants killed: Army
  2. Infiltration bid foiled in north Kashmir, two militants killed: Army
  1. Eldest son-in law of Hurriyat (G) chairman Geelani passes away
  2. Eldest son-in law of Hurriyat (G) chairman Geelani passes away
  1. SHRC issues notice to chief engineer PDD over power cuts in Kashmir
  2. SHRC issues notice to chief engineer PDD over power cuts in Kashmir
  1. Kashmir hills receive fresh spell of snow, rains lash plains
  2. Kashmir hills receive fresh spell of snow, rains lash plains
  1. NC’s doors open for all who want to strengthen JK’s Special Status: Sagar
  2. NC’s doors open for all who want to strengthen JK’s Special Status: Sagar
  1. Militants behind Kishtwar killings will be neutralised soon: Ram Madhav
  2. Militants behind Kishtwar killings will be neutralised soon: Ram Madhav
  1. Bandipora-Gurez road closed for traffic after snowfall at Razdan Pass
  2. Bandipora-Gurez road closed for traffic after snowfall at Razdan Pass
  1. CUK suspends classwork at Nowgam-I, Nowgam-III campuses
  2. CUK suspends classwork at Nowgam-I, Nowgam-III campuses
  1. Anti-mine boots procured for soldiers in forward posts in Jammu and Kashmir: Army commander
  2. Anti-mine boots procured for soldiers in forward posts in Jammu and Kashmir: Army commander
  1. PM admitted to theft in Rafale deal before SC, alleges Rahul Gandhi
  2. PM admitted to theft in Rafale deal before SC, alleges Rahul Gandhi
  1. 12 killed on railway tracks in Mumbai on single day
  2. 12 killed on railway tracks in Mumbai on single day
  1. Married to north Kashmir resident, woman from PaK elected Sarpanch in Kupwara
  2. Married to north Kashmir resident, woman from PaK elected Sarpanch in Kupwara
  1. SC to hear final arguments in Income Tax case against Rahul and Sonia Gandhi on Dec 4
  2. SC to hear final arguments in Income Tax case against Rahul and Sonia Gandhi on Dec 4
  1. Sabarimala: SC to hear fresh appeals after considering review pleas
  2. Sabarimala: SC to hear fresh appeals after considering review pleas
  1. Shutdown, protest in Tral over power outages
  2. Shutdown, protest in Tral over power outages
  1. Bangladesh plans to repatriate Rohingyas from Thursday
  2. Bangladesh plans to repatriate Rohingyas from Thursday
  1. Pakistan frees two Taliban members as US envoy visits region
  2. Pakistan frees two Taliban members as US envoy visits region
  1. 44 killed in California wildfires
  2. 44 killed in California wildfires
  1. Amnesty strips Aung San Suu Kyi of highest honour
  2. Amnesty strips Aung San Suu Kyi of highest honour
  1. Border roads closed after fresh snowfall, rains in Kupwara areas
  2. Border roads closed after fresh snowfall, rains in Kupwara areas
  1. Congress criticises Modi govt over border killings
  2. Congress criticises Modi govt over border killings
  1. WhatsApp selects 20 teams to curb fake news globally, including India
  2. WhatsApp selects 20 teams to curb fake news globally, including India
  1. Kargil coldest in Jammu and Kashmir
  2. Kargil coldest in Jammu and Kashmir
x
This site uses cookies to deliver our services and to show you relevant news and ads. By using our site, you acknowledge that you have read and understand our Cookie Policy, Privacy Policy, and our Terms of Service.That's Fine