Facebook Just Shared New Disturbing Details About its Massive Data Breach

“We have no reason to believe this attack was related to the midterms.”

Alexander Pohl/NurPhoto via ZUMA Press

Facts matter: Sign up for the free Mother Jones Daily newsletter. Support our nonprofit reporting. Subscribe to our print magazine.

Two weeks ago, Facebook warned that attackers may have accessed the accounts of up to 50 million users. Today, the company provided an update reporting that instead of 50 million accounts, only 30 million were accessed. But that the breach exposed a mass of private information including phone numbers, email addresses, and even recent location check-ins. 

Initially, the attackers were able to control 400,000 accounts through a vulnerability in Facebook’s “view as” feature, which allows users to see how their profile looks to other members. They quickly moved from account to account using automated script to collect the “access tokens”—which allow users to login on trusted devices without entering their password—for 30 million users. Attackers then accessed the name and either the phone numbers or email contacts (sometimes both) for 15 million users. For 14 million others, attackers accessed that basic information as well as ten most recent check-ins, gender, location, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, people or pages they follow, and 15 of the most recent searches.

The initial attack was discovered on September 21, when the company noticed a suspicious uptick in user login activity. They found that a breach was made possible by a vulnerability introduced in July 2017 through a video upload feature. Guy Rosen, vice president of product at Facebook, emphasized on a press call Friday that the exposed accounts were secured on September 27, when Facebook went public with the security breach. From now on, users would not have to log out and log back in again. 

The company also verified Friday that the “attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.” There was a possibility that administrators of groups had their messages viewed, but messages of no individual users were exposed. Credit card numbers were also not compromised.

Facebook users will see messages like these in the coming days

But many questions still remain, the most important being who was behind the attack and what was the intended use of the breached information. “We have no reason to believe this attack was related to the midterms,” Rosen told reporters. He also stated that the company hasn’t ruled out “smaller scale” attacks that might have taken place in addition to the unusual behavior discovered in September. (A spokesperson for Facebook tells Mother Jones that the company is still investigating the initial vulnerability.) Rosen added that the FBI “asked them not to share any information that could compromise their investigation.” 

The company confirmed that it is cooperating with the US Federal Trade Commission and the Irish Data Protection Commission but declined to share a breakdown of affected users by country. The company assured its more than 2 billion users that it continues to invest in its security infrastructure, hiring 20,000 new employees this year for the task. 

Those who want to see if and how their accounts might have been affected can go to Facebook’s Help Center. The site will also be sending out customized notifications to users in the coming days.

REAL QUICK, REAL URGENT

Minority rule, corruption, disinformation, attacks on those who dare tell the truth: There is a direct line from what's happening in Russia and Ukraine to what's happening here at home. And that's what MoJo's Monika Bauerlein writes about in "Their Fight Is Our Fight" to unpack the information war we find ourselves in and share a few examples to show why the power of independent, reader-supported journalism is such a threat to authoritarians.

Corrupt leaders the world over can (and will) try to shut down the truth, but when the truth has millions of people on its side, you can't keep it down for good. And there's no more powerful or urgent argument for your support of Mother Jones' journalism right now than that. We need to raise about $450,000 to hit our online fundraising budget in these next few months, so please read more from Monika and pitch in if you can.

payment methods

REAL QUICK, REAL URGENT

Minority rule, corruption, disinformation, attacks on those who dare tell the truth: There is a direct line from what's happening in Russia and Ukraine to what's happening here at home. And that's what MoJo's Monika Bauerlein writes about in "Their Fight Is Our Fight" to unpack the information war we find ourselves in and share a few examples to show why the power of independent, reader-supported journalism is such a threat to authoritarians.

Corrupt leaders the world over can (and will) try to shut down the truth, but when the truth has millions of people on its side, you can't keep it down for good. And there's no more powerful or urgent argument for your support of Mother Jones' journalism right now than that. We need to raise about $450,000 to hit our online fundraising budget in these next few months, so please read more from Monika and pitch in if you can.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate