HomeLatest NewsFacebook reveals hackers accessed data from...

Facebook reveals hackers accessed data from 30 million accounts in recent breach

Facebook has shared more details around a security breach two weeks ago that it now says affected about 30 million users.

In a Friday blog post, Guy Rosen, VP of Product Management, said of the 50 million people whose access tokens were compromised when hackers exploited a code vulnerability related to the View As feature, about 30 million actually had their tokens stolen.

Stealing the access tokens, the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password, allowed the attackers to take over people’s accounts.

Rosen said the attackers already controlled a set of accounts, which were connected to Facebook friends. They used an automated technique to move from account to account so they could steal the access tokens of those friends, and friends of those friends, and so on, totalling about 400,000 people. In the process, the technique automatically loaded those accounts’ Facebook profiles, mirroring what these 400,000 people would have seen when looking at their own profiles. That includes timeline posts, lists of friends, Groups they are members of, and the names of recent Messenger conversations. Message content was not available to the attackers, with one exception. If a person in the group was a Page administrator whose Page had received a message from someone on Facebook, the content of that message was available to the attackers.

The attackers used a portion of the 400,000 friend lists to steal access tokens for about 30 million people. For 15 million people, attackers accessed two sets of information – name and contact details (phone number, email, or both, depending on what people had on their profiles). For 14 million people, the attackers accessed the same two sets of information, as well as other details people had on their profiles. Those details included username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches. For 1 million people, the attackers did not access any information.

People can check whether they were affected by visiting the Facebook Help Center. In the coming days, the social platform will send customized messages to the 30 million people affected to explain what information the attackers might have accessed, as well as steps they can take to help protect themselves.

Customized messages that people will see depending on how they were impacted.

The attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.

Facebook said as it continues to investigate other ways those behind the breach used Facebook, as well as the possibility of smaller-scale attacks, it’s cooperating with the FBI, U.S. Federal Trade Commission, Irish Data Protection Commission, and other authorities.


Subscribe Now – Free!

Broadcast Dialogue has been required reading in the Canadian broadcast media for 25 years. When you subscribe, you join a community of connected professionals from media and broadcast related sectors from across the country.

The Weekly Briefing from Broadcast Dialogue is delivered exclusively to subscribers by email every Thursday. It’s your link to critical industry news, timely people moves, and excellent career advancement opportunities.

Let’s get started right now.

SUBSCRIBE NOW - IT'S FREE!

At Broadcast Dialogue®, we are committed to delivering industry-leading insights, news, and analysis directly to your inbox—completely free of charge.

By providing full / accurate information, you are helping us sustain Broadcast Dialogue® as a free resource. In return, we commit to delivering high-quality content that keeps you informed on the latest trends, technology, and news shaping the broadcast landscape—at no cost to you.

The Weekly Briefing from Broadcast Dialogue® is delivered exclusively to our subscribers by email every Thursday.
Please enable JavaScript in your browser to complete this form.

Your Subscription Information

Your Name
Your Email Address
Broadcast Dialogue uses this information to understand our audience and deliver relevant content.
Broadcast Dialogue uses this information to understand our audience and deliver relevant content.

Your Company Information

A Couple Of Questions

Do you consider yourself retired?
Are you seeking employment opportunities?

Connie Thiessen
Connie Thiessenhttps://broadcastdialogue.com
Connie has worked coast-to-coast as a reporter, editor, anchor and host at CKNW and News 1130 in Vancouver, News 95.7 and CBC in Halifax, and CFCW Edmonton, among other stations. With a passion for music, film and community service, she led News 95.7 to a 2013 Atlantic Journalism Award and regional RTDNA award for Best Radio Newscast. More recently, she was nominated for Music Journalist of the Year at Canadian Music Week 2019. To report a typo or error please email - [email protected]

Latest News

Broadcast Dialogue – The Podcast: Year-ender with Momentum Media President & Broadcast Dialogue Publisher Shawn Smith

As 2024 comes to a close, we here at Broadcast Dialogue are reflecting on a year that started with Bell announcing it's divestiture of...

Ryan Reynolds, Randy Lennox among new Order of Canada appointees

Actor Ryan Reynolds, former Bell Media President Randy Lennox, Montreal International Black Film Festival founder Fabienne Colas, and retired CTV Atlantic anchor Steve Murphy...

Events / Conferences