Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Claim They Possess Details of 120 Million Facebook Accounts, Publish Private Messages From 81,000 of Them (bbc.com)

Posted by msmash on from the rogue-extensions dept.

Andrei Zakharov, reporting for BBC: Hackers appear to have compromised and published private messages from at least 81,000 Facebook users' accounts. The perpetrators told the BBC Russian Service that they had details from a total of 120 million accounts, which they were attempting to sell, although there are reasons to be sceptical about that figure. Facebook said its security had not been compromised. And the data had probably been obtained through malicious browser extensions.

Facebook added it had taken steps to prevent further accounts being affected. The BBC understands many of the users whose details have been compromised are based in Ukraine and Russia. However, some are from the UK, US, Brazil and elsewhere. The hackers offered to sell access for 10 cents (8p) per account. However, their advert has since been taken offline. "We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores," said Facebook executive Guy Rosen. "We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."

17 of 37 comments (clear)

  1. I believe Facebook by Opportunist · · Score: 5, Funny

    They do what they can so no hacker can sell your most intimate details.

    That's already their own business model, dammit! Who wouldn't fight competition when possible?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Yet another reason.... by cayenne8 · · Score: 5, Insightful
    ....NOT to be on Facebook....

    Or most other social media.

    --
    Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    1. Re:Yet another reason.... by bill_mcgonigle · · Score: 3, Insightful

      It's clearly a reason to not trust them with sensitive data. Tell us the risks of sharing your kids' Halloween pics with Aunt Helen?

      Shades of meaning are essential for accurate risk analysis.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    2. Re:Yet another reason.... by shplopt · · Score: 3, Informative

      It's probably not all that dangerous on a micro leve, but in the age of social mapping, personalized psychographics, and cybernetics, data brokers are becoming better and better at quantifying every data point. Metadata is much more valuable to them than any particular personal secret or private thought.

    3. Re:Yet another reason.... by Actually,+I+do+RTFA · · Score: 3, Funny

      ell us the risks of sharing your kids' Halloween pics with Aunt Helen?

      Well, feeding advertisers pictures of your kids, their favorite characters, and where they live doesn't sound great to me. But then again, I think it's the parent's responsibility to protect their children from assholes in the world. But, whatever, let that be more one more datapoint for the targeted ads that manipulate their little minds.

      --
      Your ad here. Ask me how!
    4. Re:Yet another reason.... by Anonymous Coward · · Score: 3, Informative

      The more information a group has about a person, the better profile they can build on them. The better the portfolio of profiles, the more easily they can manipulate the individuals. This is how advertising works. But these methods are used for more than just trying to sell products, they are also used by political campaigns that try to figure out how to target individuals with ads, article recommendations, and other content that will be more likely to convince the individual to vote for their cause. This was what the whole Cambridge Analytica scandal was about.

      Those profiles could also be used by agitators to figure out how to manipulate people to divide them, instigating more and more toxic interpersonal interactions in a region. Some of those agitators might be the politicians from those regions themselves, while other could be interests from outside those regions.

    5. Re:Yet another reason.... by Anonymous Coward · · Score: 1

      Yes. They know that you have phoned the abortion clinic, visited the abortion clinic's website, went to the abortion clinic with your car and left a couple hours later, but they don't know if you aborted a pregnancy.

    6. Re:Yet another reason.... by cayenne8 · · Score: 1

      Tell us the risks of sharing your kids' Halloween pics with Aunt Helen?

      Why would you want to let a myriad of faceless corporations, hackers or anyone other than family and close friends even KNOW you have kids or an Aunt Helen?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    7. Re:Yet another reason.... by JustAnotherOldGuy · · Score: 2

      Tell us the risks of sharing your kids' Halloween pics with Aunt Helen?

      Facial recognition of your kids (possibly), geotagging, aggregating it with other sources to "refine" the specificity of the data, etc etc etc.

      If you don't think your "harmless" publicly-posted data can be misused or weaponized, you haven't been paying attention.

      --
      Just cruising through this digital world at 33 1/3 rpm...
  3. Facebook Statement by forkfail · · Score: 4, Insightful

    We are shocked and outraged at this illegal and illicit activity. We at Facebook take protecting the data we collect very seriously. How else are we supposed to get top dollar for selling it to the highest bidder?

    --
    Check your premises.
  4. Re:Uses by phantomflanflinger · · Score: 2, Insightful

    Then you might as well not use it. I hear this all the time: "I only use FB for a) and b) and sometimes c), blah blah...." Just close your account then.

    There will come a day when having never used social media will be an accolade - and it can't come too soon.

    --
    shin phantomflanflinger
  5. Re:Tech companies too easy to hack into by UnknownSoldier · · Score: 1

    1. Security is viewed as an expense instead of as an investment.

    * It takes 20 years to build a good reputation,
    * It takes 20 seconds to lose it.

    2. Murphy's Computer Law:

    There is never time to do it right, but always time to do it over.

  6. Some help please? by Ol+Olsoc · · Score: 1

    I bought a computer off a guy on facebook, it wasn't as advertised, and he ghosted me. Cany y'all hackers help?

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  7. Who's sending by bblb · · Score: 1

    Who's sending anything that's actually sensitive or confidential through facebook?? Apart from some nudes that women have sent me, there's nothing in my private messages that I'd care about being published to the public.

    1. Re: Who's sending by richi · · Score: 1

      Great to see /. still hasn't figured out Unicode :-(

  8. Dang by JustAnotherOldGuy · · Score: 1

    I don't have a Facedork account, how can I get in on this free dissemination of my data??

    --
    Just cruising through this digital world at 33 1/3 rpm...
  9. Planting the seeds of future spying revelations by jbn-o · · Score: 1

    I concur; it's disappointing that people on a tech site such as /. conflate the intention of the user posting the material with how the posted material can be used later (even within the scope of uses we can identify today which is no doubt just the start). From a technical (as opposed to ethical) perspective, the poster's intention is irrelevant. The parent post is underrated and the grandparent post is overrated.

    People in the future might not enjoy knowing that the choices they made today were the basis of learning a bunch of other people's coordinates and directionality/orientation of their bodies, and have a high degree of certainty who that was based on information from what are deemed socially sufficiently accurate inferences. All of that data comes from data shared with naive intention by people who, as the parent poster rightly put it, "haven't been paying attention" and some time with algorithms that essentially make a timeline by putting together analysis of school yearbook photos, Halloween shots, home videos, street footage, "smart TV" or "cell phone" (really, 'tracker' is a more honest name) camera/mic spying, and other sensor data. People today would likely find that kind of tracking creepy but it's possible. Tech people should be teaching the public to value their own privacy and the privacy of their friends and family now. Sometimes this means having the spine to say no to fads like Facebook accounts, installing proprietary software, and recording and/or sharing every moment when one doesn't know the scope of what they're sharing. There's a big difference between sending someone a copy of a digital picture versus showing them a snapshot in person. Innocently sharing such data (even unwittingly) contributes to a society in which a future of pervasive spying is increasingly likely.

    --
    Digital Citizen