Skip to main content
close search
site logo
Dive Brief

Facebook attackers accessed personal data of 29M users in breach

Published Oct. 12, 2018
By
Associate Editor

Dive Brief:

  • Hackers accessed the personal information of approximately 29 million Facebook users in its September breach, the company disclosed Friday.  Of the 50 million accounts affected by the vulnerability, the tokens of 30 million accounts were stolen, according to a company post Friday. One million of these accounts did not have any information accessed.

  • But half of these accounts, 15 million, had name and contact information, including email, phone number or both, accessible to hackers. The remaining 14 million accounts had the same information accessed in addition to personal identifying information such as gender, relationship status, religion, birthdate, education, work, location, recent searchers and linked websites.

  • Facebook users can check if their account was affected in the company's Help Center. The social network will send customized messages to the 30 million affected accounts in the coming days to explain what happened and provide steps to take for protection.

Dive Insight:

Facebook announced that 50 million accounts were breached in late September, but at the time was unaware if users' information was accessed.

In the post, Facebook noted it is cooperating with the FBI, which has asked the social media company "not to discuss who may be behind this attack." Some experts have ventured that a nation-state actor could be behind the attack, especially in light of political interference on the platform.

The disclosure that tens of millions of users' personal information was breached is a huge bump in the road for a company that has been grappling with user trust and privacy issues this year. Many U.S. and international lawmakers expressed concern following the initial disclosure, and reports that sensitive data was accessed will only stoke the fire.

Facebook was quick to disclose the initial security incident — a speediness that GDPR's 72-hour breach notification requirements may have played a role in.  

The company came under fire for its security practices following the Cambridge Analytica scandal earlier this year. Facebook rolled out security improvements, including efforts to double its security team by year's end and created a data abuse bounty

Recommended Reading

Filed Under: Security, Corporate

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Newgen Recognized in Gartner® Magic Quadrant™ for Enterprise Low-code Application Platforms Fi…
From Newgen Software
October 30, 2024
truCX Launches Groundbreaking Partner Portal, Empowering CX Consultants and Trusted Advisors w…
From truCX
October 30, 2024
Blackpoint Cyber Launches Global Partner Program and Enablement Platform Emphasizing a Focus o…
From Blackpoint Cyber
October 30, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell