Facebook reportedly believes spammers were behind massive hack

Facebook logog on a smartphone

Facebook logog on a smartphone

Facebook's recently-disclosed security incident that exposed the data of some 30 million members was committed by spammers, not nation-state actors, according to a new Wall Street Journal report.

The incident has been under investigation since September 25, when Facebook's security team discovered someone downloading a large amount of digital access tokens from the social platform. The company released an update on October 12 with its revised estimate for the number of people affected by the attack, but it has yet to share any information about the attackers with the public.

Facebook has said it's working with the Federal Bureau of Investigation, which asked it not to discuss who might be behind the attack or whether they were targeting anyone in particular.

The Journal reported Thursday that the hack was committed by a group of Facebook and Instagram spammers who have been associated with a digital marketing company.

This attribution is supported by the attackers' decision to compromise a limited amount of information that was available to them. Facebook said the attack relied on a vulnerability in the "View As" feature that lets people view their profiles from other perspectives. "The FBI is actively investigating and have asked us not to discuss who may be behind this attack".

Blackout player count tweaked in latest Black Ops 4 patch
Armor is hugely important to success in Blackout , with players able to find it lying around in many parts of the game world. Our digital sales results have been record-breaking across all platforms, and the overall performance strong.

"They used an automated technique to move from account to account, so they could steal the access tokens of those friends, and for friends of those friends, and so on, totaling about 400,000 people", he said.

In the hack, 15 million people had their name and contact details (phone number, email, or both, depending on what people had on their profiles) accessed.

"We are cooperating with the Federal Bureau of Investigation on this matter", Guy said.

"These included username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birth date, device types used to access Facebook". One million users had no details accessed.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.