Nation & World

Facebook now says data breach affected 29 million users, details impact

FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration taken March 28, 2018.  REUTERS/Dado Ruvic/Illustration/File Photo
FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration/File Photo

Cyber attackers stole data from 29 million Facebook accounts using an automated program that moved from one friend to the next, Facebook announced on Friday, as the social media company said its largest-ever data theft hit fewer than the 50 million profiles it initially reported.

The company said it would message affected users over the coming days to tell them what type of information had been accessed in the attack.

The breach has left users more vulnerable to targeted phishing attacks and could deepen unease about posting to a service whose privacy, moderation and security practices have been called into question by a series of scandals, cybersecurity experts and financial analysts said.

The attackers took profile details such as birth dates, employers, education history, religious preference, types of devices used, pages followed and recent searches and location check-ins from 14 million users.

For the other 15 million users, the breach was restricted to name and contact details.

In addition, attackers could see the posts and lists of friends and groups of about 400,000 users.

Lawmakers and investors have grown more concerned that Facebook is not doing enough to safeguard data.

Facebook cut the number of affected users from its original estimate after investigators reviewed activity on accounts that may have been affected. Still, cyber security experts warned that attackers could use stolen information in targeted phishing scams.

“The bottom line is that all this data is still out there,” said Corey Milligan, a senior researcher with cybersecurity company Armor Inc.

ARTICLE CONTINUES BELOW ADVERTISEMENT

Facebook Vice President Guy Rosen told reporters that the FBI has asked the company to limit descriptions of the attackers due to an ongoing inquiry.

Rosen revealed that while the attackers’ intent has not been determined, they did not appear to be motivated by the U.S. midterm Congressional election on Nov. 6.

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.

CONTINUE READING

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.