Face­book places scope of data breach at 29M, less than ini­tially feared

Richmond Times-Dispatch Weekend - - REMEMBERING -

NEW YORK — Face­book says hack­ers ac­cessed data from 29 mil­lion ac­counts as part of the se­cu­rity breach dis­closed two weeks ago, fewer than the 50 mil­lion it ini­tially be­lieved were af­fected.

The hack­ers ac­cessed name, email ad­dresses or phone num­bers from these ac­counts, ac­cord­ing to Face­book. For 14 mil­lion of them, hack­ers got even more data, such as home­town, birth­date, the last 10 places they checked into or the 15 most re­cent searches.

An ad­di­tional 1 mil­lion ac­counts were af­fected, but hack­ers didn’t get any in­for­ma­tion from them.

Face­book isn’t giv­ing a break­down of where these users are, but said the breach was “fairly broad.” It plans to send mes­sages to peo­ple whose ac­counts were hacked.

Face­book said third-party apps and Face­book apps like What­sApp and In­sta­gram were un­af­fected by the breach.

Face­book said the FBI is in­ves­ti­gat­ing but asked the com­pany not to dis­cuss who may be be­hind the at­tack. The com­pany said it hasn’t ruled out the pos­si­bil­ity of smaller-scale at­tacks that used the same vul­ner­a­bil­ity.

Face­book has said the at­tack­ers gained the abil­ity to “seize con­trol” of those user ac­counts by steal­ing dig­i­tal keys the com­pany uses to keep users logged in. They could do so by ex­ploit­ing three dis­tinct bugs in Face­book’s code. The com­pany said it has fixed the bugs and logged out af­fected users to re­set those dig­i­tal keys.

At the time, CEO Mark Zucker­berg — whose own ac­count was com­pro­mised — said at­tack­ers would have had the abil­ity to view pri­vate mes­sages or post on some­one’s ac­count, but there’s no sign that they did.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.