Here we go again with Facebook accounts getting hacked. This time it’s another 29 million users that have been affected.
Facebook says hackers accessed a wide swath of information — ranging from emails and phone numbers to more personal details like sites visited and places checked into — from millions of accounts as part of a security breach the company disclosed two weeks ago.
Twenty-nine million accounts had some form of information stolen. Originally Facebook said 50 million accounts were affected, but that it didn’t know if they had been misused. You can check Facebook’s Help Center, and a notice at the bottom will let you know if your account was affected.
The news comes at a jittery time ahead of the midterm elections when Facebook is fighting off misuse of its site on a number of fronts. The company said Friday there’s no evidence this is related to the midterms.
On Friday Facebook said hackers accessed names, email addresses or phone numbers from these accounts. For 14 million of them, hackers got even more data, such as hometown, birthdate, the last 10 places they checked into or the 15 most recent searches.
An additional 1 million accounts were affected, but hackers didn’t get any information from them.
Facebook isn’t giving a breakdown of where these users are, but says the breach was “fairly broad.” It plans to send messages to people whose accounts were hacked.
Facebook said third-party apps that use a Facebook login and Facebook apps like WhatsApp and Instagram were unaffected by the breach.
Facebook said the FBI is investigating, but asked the company not to discuss who may be behind the attack. The company said it hasn’t ruled out the possibility of smaller-scale attacks that used the same vulnerability.
Facebook has said the attackers gained the ability to “seize control” of those user accounts by stealing digital keys the company uses to keep users logged in. They could do so by exploiting three distinct bugs in Facebook’s code.
The hackers began with a set of accounts they controlled, then used an automated process to access the digital keys for accounts that were “friends” with the accounts they had already compromised. That expanded to “friends of friends,” extending their access to about 400,000 accounts, and went on from there to reach 30 million accounts. There is no evidence that the hackers made any posts or took any other activity using the hacked accounts.
The company said it has fixed the bugs and logged out affected users to reset those digital keys.
At the time, CEO Mark Zuckerberg — whose own account was compromised — said attackers would have had the ability to view private messages or post on someone’s account, but there’s no sign that they did.
Facebook Vice President Guy Rosen said in a call with reporters on Friday the company hasn’t ruled out the possibility of smaller-scale efforts to exploit the same vulnerability that the hackers used before it was disabled.
The company has a website its 2 billion global users can use to check if their accounts have been accessed, and if so, exactly what information was stolen. It will also provide guidance on how to spot and deal with suspicious emails or texts. Facebook will also send messages directly to those people affected by the hack.
Patrick Moorhead, founder of Moor Insights & Strategy, said the breach appeared similar to identity theft breaches that have occurred at companies including Yahoo and Target in 2013.
“Those personal details could be very easily be used for identity theft to sign up for credit cards, get a loan, get your banking password, etc.,” he said. “Facebook should provide all those customers free credit monitoring to make sure the damage is minimized.”
Thomas Rid, a professor at the Johns Hopkins University, also said the evidence, particularly the size of the breach, seems to point to a criminal motive rather than a sophisticated state operation, which usually targets fewer people.
“This doesn’t sound very targeted at all,” he said. “Usually when you’re looking at a sophisticated government operation, then a couple of thousand people hacked is a lot, but they usually know who they’re going after.”
FACEBOOK PURGES OVER 800 SPAM ACCOUNTS
Facebook said it has purged more than 800 U.S. pages and accounts for spamming users with politically-tinged garbage links and clickbait just weeks ahead of the U.S. midterm elections.
The banned accounts and Facebook sites exhibited “coordinated inauthentic behavior” such as working together to make the pages appear more popular than they actually are. This, Facebook said, was designed to mislead users about who they are and what they’re doing.
The social network said these accounts spread “sensational political content” designed to drive people to ad-laden websites outside of Facebook. In the past, such spammers have often focused on celebrity gossip, weight loss remedies, and fake iPhones.
Pages Facebook removed fell on both sides on the political spectrum, Facebook said, although it declined to say if there were more on the right or the left. The removed pages included the conservative “Nation in Distress” and the left-wing “Snowflakes,” among others with names such as “Reasonable People Unite,” ″The Resistance” and “Right Wing News.”
Facebook said it doesn’t look at the content of the posts and photos that the accounts are spreading, but rather, the “behavior” of the pages — such as whether they are using fake accounts or sending spam — when deciding whether to remove them.
The turn toward politics suggests that spammers are learning from the Russian playbook on how to get people riled up and clicking. Facebook has been working to weed out misinformation and election meddling since it acknowledged that Russian agents abused its service in 2016.
But while those actors seemed intent on disrupting elections, Facebook says its latest purge was about accounts trying to make money.