Slashdot Mirror

← Back to Stories (view on slashdot.org)

The FBI Is Now Investigating Facebook's Security Breach Where Attackers Accessed 30 Million Users' Personal Information (washingtonpost.com)

Posted by msmash on from the friday-security-briefings dept.

An online attack that forced Facebook to log out 90 million users last month directly affected 29 million people on the social network [alternative source], the company said Friday as it released new details about the scope of an incident that has regulators and law enforcement on high alert. The company said the FBI is actively investigating the hack, and asked Facebook not to disclose any potential culprits. From a report: Through a series of interrelated bugs in Facebook's programming, unnamed attackers stole the names and contact information of 15 million users, Facebook said. The contact information included a mix of phone numbers and email addresses. An additional 14 million users were affected more deeply, by having additional details taken related to their profiles such as their recent search history, gender, educational background, geolocation data, birth dates, and lists of people and pages they follow. Facebook said last month that it detected the attack when it noticed an uptick in user activity. An investigation soon found that the activity was linked to the theft of security codes that, under normal circumstances, allow Facebook users to navigate away from the site while remaining logged in. The bugs that allowed the attack to occur gave hackers the ability to effectively take over Facebook accounts on a widespread basis, Facebook said when it disclosed the breach. The attackers began with a relatively small number of accounts that they directly controlled, exploiting flaws in the platform's "View As" feature to gain access to other users' profiles.

8 of 31 comments (clear)

  1. Facebook needs to be shut down. by WCMI92 · · Score: 1

    As a threat to the safety of Americans.

    --
    Corporatism != Free Market
  2. Its time! by Anonymous Coward · · Score: 1

    Its time to just shut down these data mining sites like Fakebook ,TWITter, etc...! Its time to make it illegal to collect, buy, sell, or trade people's information, and make it illegal to track people online and in real life! And I mean even for law enforcement agencies and government unless they have a warrant that states specifics, based on CLEAR probable cause!!

    For far too long people's privacy has been violated for the worst possible reason...rampant uncontrolled insane corporate greed!! And law enforcement and government violate people's right to privacy on a daily basis, for the most specious of reasons!! Further, law enforcement, government, and corporations want to take away our right to privacy, and are working to erode that right on a daily basis!!

  3. Shadow accounts ? by Guybrush_T · · Score: 3, Interesting

    Maybe that will be the opportunity to see if shadow accounts actually exist.

  4. Doesn't FBI have any real cases? by coderaptor · · Score: 1

    Seems like FBI is chasing ghosts than real cases.

  5. The best possible solution by bobstreo · · Score: 1

    is to hand the investigation and oversight of bookface to the FCC. They fuck up everything they touch. /s

  6. So what else is new? by AndyKron · · Score: 1

    Fuck Apple even if this isn't about them just because.

  7. Blame the users by Locke2005 · · Score: 1

    If you input real names and phone number into Facebook, it's kind of on you when that data gets stolen. That being said, does it now require a working SMS message receiver to create a Facebook account? Hmm... how do I fake that so I don't have to use my actual cell number? Google voice?

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  8. If this investigation is anything like Kavanaugh.. by ayesnymous · · Score: 1

    then the FBI will not interview any Facebook employees, and will only interview a few users who will say they never noticed anything suspicious.