Hackers Accessed Data From 29 Million Facebook Users

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 12, 2018.

  1. MacRumors macrumors bot


    Apr 12, 2001

    Two weeks ago, Facebook announced that it discovered a security breach allowing hackers to steal Facebook data from millions of accounts, and today, Facebook shared further data on just what was accessed.

    To get the Facebook data, hackers took advantage of a security flaw in the social network's "View As" code, a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that hackers were able to obtain are basically digital keys that allow people to stay logged in to Facebook.


    According to Facebook, hackers used a set of accounts that they controlled that were connected to Facebook friends. An automated technique was used to move from account to account, allowing them to collect access tokens in September 2018.

    Hackers were able to obtain timeline posts, friend lists, groups, and the names of recent Messenger conversations from an initial 400,000 people. People in this group who were Page admins of a Page that had received a message from someone on Facebook had the content of their messages stolen.

    After stealing data from the 400,000 people attacked first, Facebook used their friends list to steal access tokens for approximately 30 million people.

    For 15 million people, attackers were able to access name and contact details that include phone number and email address.

    For 14 million people, hackers were able to access the same information as well as other data that includes username, gender, location, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places where they checked in, websites, people, Pages they follow, and 15 most recent searches.

    An additional 1 million people had their access tokens stolen but no information was obtained.

    According to Facebook, people can find out whether or not they were affected through the Facebook Help Center. Over the "coming days," Facebook plans to send customized messages to the 30 million people who were affected to explain what information hackers might have obtained.

    The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack."

    Article Link: Hackers Accessed Data From 29 Million Facebook Users
  2. rpmurray macrumors regular

    Feb 21, 2017
    Back End of Beyond
    The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.

    It's the Russians.
  3. TokMok3 macrumors 6502

    Aug 22, 2015
  4. vegetassj4, Oct 12, 2018
    Last edited: Oct 12, 2018

    vegetassj4 macrumors regular


    Oct 16, 2014
    This is like the guy that sat on the toilet at 11:59 pm and got off at 12:01 am....Same S*** Different Day.
  5. iapplelove macrumors 601


    Nov 22, 2011
    East Coast USA
    And people looked at me crazy when I say I never had a FB account..
  6. AngerDanger macrumors 68040


    Dec 9, 2008
    ← Downward Crow's Head
    Are you #2cool4facebook? Let us know below because we are extremely interested.
  7. HiRez macrumors 603


    Jan 6, 2004
    Western US
    Let’s see how long it takes this number to balloon to over 100 million.
  8. EdT macrumors 65816


    Mar 11, 2007
    Omaha, NE
    I don’t see this as news anymore. Unless people immediately lose money or have their credit destroyed overnight 99% of Facebook users don’t care that their (so called) private information is being viewed and at some point mis-used.
  9. 0815 macrumors 68000


    Jul 9, 2010
    here and there but not over there
    don't think anybody still on FaceBook is expecting any kind of privacy or data protection ... at least I hope that's the case since they are over and over in the news for violations, bad practices and stuff like this. Deleted my account many many years ago and didn't miss it a day. I deleted it after they started sharing with my friends which articles from 'partner' web sites I was reading (even when I was not actively logged into the webpage) - not that I had to hide anything, but I wanted to be in control what is shared and what not (they discontinued the 'feature' a short time after introducing it) it also annoyed me that they kept 'improving' the security setting and every time were resetting it to the default (which was back than sharing everything with everyone) and you had to drill down deeper and deeper to keep it from sharing stuff (not sure if they still do that garbage ... I don't care anymore)
  10. BootsWalking macrumors 6502a

    Feb 1, 2014
    I'm not sure it's useful to differentiate between hackers stealing your personal data vs Facebook willingly selling it to others. The net effect is the same.
  11. elvisimprsntr macrumors 6502

    Jul 17, 2013
  12. Appurushido macrumors regular

    Sep 28, 2012
    These hacks about stolen info from Facebook, CC companies, Target, stores your purchased from, Equifax, online places etc. is all too common now. People are so conditioned to know it will happen again and they won't get any restitution nor any punishment will take place against these companies for failing to protect our information.
  13. jonnysods macrumors 603


    Sep 20, 2006
    There & Back Again
    Its unfortunate. But I don't care as much about this stuff as I would having my banking hacked. Nothing is physical anymore!
  14. TheSourceOfTruth macrumors newbie


    Sep 4, 2018
    Blaming everything on Russians is the wrong way forward.
  15. white4s macrumors 65816

    Nov 15, 2011
    New Jersey
    Lol exactly why I have zero personal info on there other than the obvious. People that fill out their profiles to the full extend are wild
  16. magicschoolbus macrumors 6502a


    May 27, 2014
    Or China, or North Korea, or Iran.

    Glad I deleted my account in 2016.
  17. eeboarder macrumors member


    Jul 29, 2005
    It's astounding that people are so willing to give so much personal data to a company.
  18. EdT macrumors 65816


    Mar 11, 2007
    Omaha, NE
    Beyond a small few most people never got upset about information privacy invasion. The “cost” of losing some privacy was worth the convenience of connecting with family and friends easily in a ‘at-your-convenience’ mode. And if something really bad happens it’s difficult to prove it was FB or whatever once a short time has passed.
  19. DotCom2 macrumors 68040

    Feb 22, 2009
  20. magicschoolbus macrumors 6502a


    May 27, 2014
    This 1000%..

    People need to realize that everytime you check or submit info to these sites; you are pretty much walking into a store and giving whoever is behind the counter your personal information in return for use of their services.

    Just imagine walking into a store and the person behind the counter saying; Hi, in order to proceed, please let me know your gender, relationship status and whom you're involved with, your closest circle of friends, interests, political interests, religion, location data, your career field, your employer, and also please submit photos of yourself, pets, friends, and family in order to proceed.

    What would you do? How would that make you feel?
  21. supercoolmanchu macrumors regular


    Mar 5, 2012

    But we can blame Russians for their dressing, and for making pastrami sandwiches delicious.
  22. UnionVGF macrumors 6502a


    Oct 4, 2013
    Take your time Facebook it's not like 30 million people had vulnerable information out there or anything.....
  23. coolfactor macrumors 68040

    Jul 29, 2002
    Vancouver, BC CANADA
    It's not clear to me exactly how they obtained the info. Did they bypass the website and access the FB databases directly? I'm pretty sure that is not possible. Access is only via the FB software powering the website. Sure, they had the keys, but were they scraping 30 million page renders for the information?
  24. UnionVGF, Oct 12, 2018
    Last edited: Oct 12, 2018

    UnionVGF macrumors 6502a


    Oct 4, 2013
    You have an iPhone? You have cell phone service? You have internet service? Have a credit card? You gave far more info to those companies than the overwhelming majority gave Facebook.
  25. MacFather macrumors 6502a


    Mar 16, 2012
    The world would be a better place without spongers like Zuckerberg.

Share This Page