Facebook Eyes Spammers for Mega-Breach

Marco Green
October 20, 2018

While an ongoing investigation revealed that just 30 million accounts were affected by Facebook's most recent hack, concerns arose around foreign states and supposed political motives as the U.S. midterm elections rapidly approach.

The Journal went into further details of the attack by citing people familiar with the internal investigation of the company and said that the people behind the move were in fact a group of Facebook and Instagram spammers that pretend to themselves to be a digital marketing company, and their activities were not veiled from the Facebook security team. "The FBI is actively investigating and have asked us not to discuss who may be behind this attack", he said.

Hackers accessed millions of victims' highly sensitive personal data, including locations, relationship information, recent searches, and birth dates.

The company said that it would notify account holders affected by the hack.

Facebook said it discovered the attack on September 14 and remedied the situation on September 27.

Facebook tentatively concludes spammers were behind recent data...
Facebook reportedly believes spammers were behind massive hack

In its update, Facebook said that the company was cooperating with the American law-enforcement agency and that 30 million people were affected, down from its original estimate of 50 million.

These tokens allow access to any part of a user's Facebook account, but the spammers only accessed a limited set of information compared to what they could've taken.

The Facebook breach that hit the accounts of 30 million users was not, it turns out, the work of an adversarial nation-state like Iran or North Korea.

"We're cooperating with the Federal Bureau of Investigation, which is actively investigating and asked us not to discuss who may be behind this attack", the Facebook executive Guy Rosen wrote in a blog post. Another 15 million users only had their name and contact info accessed, while the final 1 million users just had their access tokens stolen-digital passes that let a user log in to their account without needing to type in a password. Among the details accessed were name, phone numbers and email addresses. Facebook users are also able to check whether they were victim of the intrusion by going to Facebook's help pages.

Other reports by Click Lancashire

Discuss This Article

FOLLOW OUR NEWSPAPER