- Facebook Inc. has issued a notice to the users admitting that the personal information of almost 30 million users was compromised in a massive global security breach
- As an admittance and clarification of the mishap, the company revealed that the name, phone number and email address of the users were hacked by a third-party
Facebook Inc. has issued a notice to the users admitting that the personal information of almost 30 million users was compromised in a massive global security breach. As an admittance and clarification of the mishap, the company revealed that the name, phone number and email address of the users were hacked by a third-party from the databases of Facebook. The homepage displayed a message that read:
'An unauthorized third party accessed your name, email address and phone number. We acted quickly to secure the site and took action to protect your account, and we’re working closely with law enforcement to address the incident.'
The 'Learn more' link directs the user to 'Help Centre' where a complete explanation of the data security breach and the subsequent steps taken by the company for its redressal is listed out. The company has an apology message for all its users and further the page talks about an ongoing investigation, impact of the user information breach, what information was accessed and what the user can do next.
Status of Facebook investigation given out by the company:
- As per the update, the company discovered that a third party had exploited the “technical vulnerability” to obtain access tokens. Access tokens like "digital keys" can be used to request information through the platform
- As soon as the company became aware of the breach, they acted quickly and secured a site
- For a conducting a smooth investigation, Facebook invalidated the access tokens of almost 90 million accounts which were potentially impacted
- The logged out users were notified about the same
- As per the statement, the breach took place between September 14 and 27
- From September 28 onwards, Facebook had automatically logged out the users to prevent any further data leaks
Is my Facebook account impacted by the security breach?
As per the clarification by Facebook, attackers accessed the following information:
- Primary E-mail address
- Recently added phone number
Whereas the attackers did not gain access to:
- Account passwords
- Payment card or credit card information
How will the attackers use this information?
Facebook informed that the information accessed by the hackers ‘may be’ used (misused?) to create and spread spam on the website and on the Internet. The company was working closely with law enforcement in the investigations of the case.
What can I do to protect myself?
- Be cautious of unwanted phone calls, messages or emails from strangers
- The data can be used in attempts to phish you for other information
- Confirm the legitimacy of the emails received which claim to be Facebook
- Other information can be used to send personalized emails and messages that might be an attempt to scam you
Read: Global Facebook Security Breach: What It Means For You. All Details Here
Meanwhile, Facebook has been asked by the Ministry of Electronic and IT of the Indian Government, to divulge all the incident concerning the Indian users whose accounts were hacked and the impact of the data breach. India has the highest number of Facebook users from a single nation (270 million users)