Hackers Accessed Data From 29 Million Facebook Users

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 12, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Two weeks ago, Facebook announced that it discovered a security breach allowing hackers to steal Facebook data from millions of accounts, and today, Facebook shared further data on just what was accessed.

    To get the Facebook data, hackers took advantage of a security flaw in the social network's "View As" code, a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that hackers were able to obtain are basically digital keys that allow people to stay logged in to Facebook.

    [​IMG]

    According to Facebook, hackers used a set of accounts that they controlled that were connected to Facebook friends. An automated technique was used to move from account to account, allowing them to collect access tokens in September 2018.

    Hackers were able to obtain timeline posts, friend lists, groups, and the names of recent Messenger conversations from an initial 400,000 people. People in this group who were Page admins of a Page that had received a message from someone on Facebook had the content of their messages stolen.

    After stealing data from the 400,000 people attacked first, Facebook used their friends list to steal access tokens for approximately 30 million people.

    For 15 million people, attackers were able to access name and contact details that include phone number and email address.

    For 14 million people, hackers were able to access the same information as well as other data that includes username, gender, location, relationship status, religion, hometown, current city, birthdate, device types used to access Facebook, education, work, the last 10 places where they checked in, websites, people, Pages they follow, and 15 most recent searches.

    An additional 1 million people had their access tokens stolen but no information was obtained.

    According to Facebook, people can find out whether or not they were affected through the Facebook Help Center. Over the "coming days," Facebook plans to send customized messages to the 30 million people who were affected to explain what information hackers might have obtained.

    The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack."

    Article Link: Hackers Accessed Data From 29 Million Facebook Users
     
  2. rpmurray macrumors regular

    Joined:
    Feb 21, 2017
    Location:
    Back End of Beyond
    #2
    The FBI is investigating the attack and Facebook has been asked "not to discuss who may be behind [the] attack.

    It's the Russians.
     
  3. TokMok3 macrumors 6502

    Joined:
    Aug 22, 2015
  4. vegetassj4, Oct 12, 2018
    Last edited: Oct 12, 2018

    vegetassj4 macrumors regular

    vegetassj4

    Joined:
    Oct 16, 2014
    #4
    This is like the guy that sat on the toilet at 11:59 pm and got off at 12:01 am....Same S*** Different Day.
     
  5. iapplelove macrumors 601

    iapplelove

    Joined:
    Nov 22, 2011
    Location:
    East Coast USA
    #5
    And people looked at me crazy when I say I never had a FB account..
     
  6. AngerDanger macrumors 68040

    AngerDanger

    Joined:
    Dec 9, 2008
    Location:
    ← Downward Crow's Head
    #6
    Are you #2cool4facebook? Let us know below because we are extremely interested.
     
  7. HiRez macrumors 603

    HiRez

    Joined:
    Jan 6, 2004
    Location:
    Western US
    #7
    Let’s see how long it takes this number to balloon to over 100 million.
     
  8. EdT macrumors 65816

    EdT

    Joined:
    Mar 11, 2007
    Location:
    Omaha, NE
    #8
    I don’t see this as news anymore. Unless people immediately lose money or have their credit destroyed overnight 99% of Facebook users don’t care that their (so called) private information is being viewed and at some point mis-used.
     
  9. 0815 macrumors 68000

    0815

    Joined:
    Jul 9, 2010
    Location:
    here and there but not over there
    #9
    don't think anybody still on FaceBook is expecting any kind of privacy or data protection ... at least I hope that's the case since they are over and over in the news for violations, bad practices and stuff like this. Deleted my account many many years ago and didn't miss it a day. I deleted it after they started sharing with my friends which articles from 'partner' web sites I was reading (even when I was not actively logged into the webpage) - not that I had to hide anything, but I wanted to be in control what is shared and what not (they discontinued the 'feature' a short time after introducing it) it also annoyed me that they kept 'improving' the security setting and every time were resetting it to the default (which was back than sharing everything with everyone) and you had to drill down deeper and deeper to keep it from sharing stuff (not sure if they still do that garbage ... I don't care anymore)
     
  10. BootsWalking macrumors 6502a

    Joined:
    Feb 1, 2014
    #10
    I'm not sure it's useful to differentiate between hackers stealing your personal data vs Facebook willingly selling it to others. The net effect is the same.
     
  11. elvisimprsntr macrumors 6502

    Joined:
    Jul 17, 2013
    Location:
    Florida
  12. Appurushido macrumors regular

    Joined:
    Sep 28, 2012
    #12
    These hacks about stolen info from Facebook, CC companies, Target, stores your purchased from, Equifax, online places etc. is all too common now. People are so conditioned to know it will happen again and they won't get any restitution nor any punishment will take place against these companies for failing to protect our information.
     
  13. jonnysods macrumors 603

    jonnysods

    Joined:
    Sep 20, 2006
    Location:
    There & Back Again
    #13
    Its unfortunate. But I don't care as much about this stuff as I would having my banking hacked. Nothing is physical anymore!
     
  14. TheSourceOfTruth macrumors newbie

    TheSourceOfTruth

    Joined:
    Sep 4, 2018
    #14
    Blaming everything on Russians is the wrong way forward.
     
  15. white4s macrumors 65816

    Joined:
    Nov 15, 2011
    Location:
    New Jersey
    #15
    Lol exactly why I have zero personal info on there other than the obvious. People that fill out their profiles to the full extend are wild
     
  16. magicschoolbus macrumors 6502a

    magicschoolbus

    Joined:
    May 27, 2014
    #16
    Or China, or North Korea, or Iran.

    Glad I deleted my account in 2016.
     
  17. eeboarder macrumors member

    eeboarder

    Joined:
    Jul 29, 2005
    Location:
    Wyoming
    #17
    It's astounding that people are so willing to give so much personal data to a company.
     
  18. EdT macrumors 65816

    EdT

    Joined:
    Mar 11, 2007
    Location:
    Omaha, NE
    #18
    Beyond a small few most people never got upset about information privacy invasion. The “cost” of losing some privacy was worth the convenience of connecting with family and friends easily in a ‘at-your-convenience’ mode. And if something really bad happens it’s difficult to prove it was FB or whatever once a short time has passed.
     
  19. DotCom2 macrumors 68040

    Joined:
    Feb 22, 2009
  20. magicschoolbus macrumors 6502a

    magicschoolbus

    Joined:
    May 27, 2014
    #20
    This 1000%..

    People need to realize that everytime you check or submit info to these sites; you are pretty much walking into a store and giving whoever is behind the counter your personal information in return for use of their services.

    Just imagine walking into a store and the person behind the counter saying; Hi, in order to proceed, please let me know your gender, relationship status and whom you're involved with, your closest circle of friends, interests, political interests, religion, location data, your career field, your employer, and also please submit photos of yourself, pets, friends, and family in order to proceed.

    What would you do? How would that make you feel?
     
  21. supercoolmanchu macrumors regular

    supercoolmanchu

    Joined:
    Mar 5, 2012
    Location:
    Hollywood
    #21
    Agreed.

    But we can blame Russians for their dressing, and for making pastrami sandwiches delicious.
     
  22. UnionVGF macrumors 6502a

    UnionVGF

    Joined:
    Oct 4, 2013
    #22
    Take your time Facebook it's not like 30 million people had vulnerable information out there or anything.....
     
  23. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #23
    It's not clear to me exactly how they obtained the info. Did they bypass the website and access the FB databases directly? I'm pretty sure that is not possible. Access is only via the FB software powering the website. Sure, they had the keys, but were they scraping 30 million page renders for the information?
     
  24. UnionVGF, Oct 12, 2018
    Last edited: Oct 12, 2018

    UnionVGF macrumors 6502a

    UnionVGF

    Joined:
    Oct 4, 2013
    #24
    You have an iPhone? You have cell phone service? You have internet service? Have a credit card? You gave far more info to those companies than the overwhelming majority gave Facebook.
     
  25. MacFather macrumors 6502a

    MacFather

    Joined:
    Mar 16, 2012
    #25
    The world would be a better place without spongers like Zuckerberg.
     

Share This Page