Facebook revealed Friday that it had determined the major security breach it discovered late last month impacted the accounts of 30 million users.
The company wrote in a blog post that 15 million users had their name and contact information details accessed by hackers, while 14 million had far more personal data exposed, including birthdates, friends lists, the last 10 places they checked into on the social network and their 15 most recent searches.
All of those could help a fraudster pose as Facebook, the employer or a friend. They could then craft a more sophisticated e-mail aimed at tricking users into providing login information on a fake page or into clicking on an attachment that would infect their computers.
An additional 1 million users had no information accessed.
Facebook noted that the hack did not affect its popular Messenger, Instagram and WhatsApp platforms, and that no financial information was accessed.
“We’re cooperating with the FBI, which is actively investigating, and asked us not to discuss who may be behind this attack,” Facebook said in a blog post.
Theresa Payton, a former White House chief information officer and current CEO of security consulting firm Fortalice Solutions, said that it was good news that the number of users affected is now smaller than the 50 million Facebook reported last month, but noted that users are not in the clear.
“When I look at what is potentially at stake, I’m actually more alarmed,” she said. “We’re entering a stage where these sites house an incredible amount of information about our patterns of life.”
“This has a potential for extortion,” Payton added.
Facebook shares fell 2.6 percent after the breach was announced last month, and they were down more than 1 percent following the updated disclosures on Friday.
Source: Read Full Article