Facebook says hackers saw personal info of 14 million people
The exposed data included relationship status, birth
date, hometown, education and the 15 most recent searches, Facebook said.
by David Ingram / Oct. 12, 2018 / 9:55 AM PDT / Updated 10:54 AM PDT
Facebook said on Friday that hackers were able to access
the personal information of 14 million people through a security flaw that the
company first disclosed last month, and that the data exposed included information
such as recent check-ins and searches.
Facebook said in a blog post that people would be able to
check whether they were affected by the attack by visiting a Facebook help
center online. The company also said that in the coming days it would send
customized messages to users to explain what information might have been
accessed.
The social networking company disclosed two weeks ago
that a security flaw in Facebook's "view as" feature had allowed
hackers to see into and potentially take over people's profiles.
Facebook, the world's largest social media network with
more than 2 billion users, has faced rising criticism that it has failed to
protect people's privacy. It disclosed this year that the personal information
of up to 87 million people was taken by the maker of a quiz app and then
wrongly handed over to political consultancy Cambridge Analytica.
Facebook did not say who might have been behind the
latest attack or if certain groups of people were targeted, but it said it was
working with authorities including the FBI to investigate.
The company's initial estimate was that the recent attack
affected almost 50 million accounts, a number it revised down on Friday. In
all, the hackers stole "access tokens," a sort of digital set of
keys, of 30 million people, Facebook said in its latest update.
Of those 30 million people, 15 million people had their
name and contact details, such as phone number and email address, exposed.
Facebook said that for a second group of 14 million
people, the attackers accessed information including "username, gender,
locale/language, relationship status, religion, hometown, self-reported current
city, birthdate, device types used to access Facebook, education, work, the
last 10 places they checked into or were tagged in, website, people or Pages
they follow, and the 15 most recent searches."
The breach may have long-lasting effects if the
information accessed is used for future hacking attempts, particularly for
phishing attacks that use email to trick people into giving up sensitive
information and passwords.
"Tens of millions of people impacted by the Facebook
data breach are likely to find that they have now become intertwined in
systematic phishing campaigns that will persistently target them and the
organizations they work for for a long time," Oren Falkowitz, CEO of
security firm Area 1 Security, said in an email.
Sen. Mark Warner, D-Va., called search and location
history "particularly personal information" to have been accessed.
"With each new, high-profile privacy breach, it’s
ever-clearer that Congress needs to establish some guardrails for social media
platforms to protect consumer data while encouraging American innovation,"
Warner, vice chairman of the Senate Intelligence Committee, said in a
statement.
Payment information such as credit card numbers was not
accessed, Facebook said.
A third group of 1 million people had their access tokens
stolen but no other information accessed, Facebook said.
Guy Rosen, Facebook's vice president of product
management, said on a conference call with reporters that the FBI was
investigating the attack and had asked the company not to share certain
information, such as possible suspects, that might compromise the
investigation.
Facebook's own investigation is continuing and the
company is working with other authorities, including those in Ireland where
Facebook has its European headquarters, Rosen said.
Rosen declined to provide a country-by-country breakdown
of where the affected users were located but said the attack was "fairly
broad."
The people behind the attack started from their own
accounts and began stealing access tokens from their friends, Rosen said. They
then moved on to friends of friends, eventually reaching 400,000 accounts,
using that list to steal access tokens for about 30 million people, he said.
There was no reason to believe the attack was related to
the Nov. 6 midterm elections, he said.
Asked whether people on Facebook should continue to trust
the service, Rosen responded that the company was committed to security.
"We take these incidents very, very seriously, and
nothing is more important to us than the security of people’s
information," he said.
Shares in Facebook traded down 0.2 percent on Friday,
while the S&P 500 rose 0.7 percent.
Mark Nunnikhoven, vice president of cloud research at
security firm Trend Micro, said that people whose accounts had been accessed
should assume the worst and make sure their social media and email accounts
have not been compromised. He also encouraged people to enable multi-factor authentication
for their services, such as connecting a phone number that serves as a way to
ensure accounts are not surreptitiously accessed.
He also noted that people should be aware that their
connections on Facebook can leave them open to data harvesting.
"That person you vaguely remember from grade school?
They probably don’t need access to your entire profile," Nunnikhoven said.
"Time to tighten up those privacy settings."
Nice write up you have here. You really have great writing skills.