- QAnon-touting congressman sneaks ‘Epstein Didn’t Kill Himself’ into tweets Wednesday 7:12 PM
- Ocasio-Cortez met a famous drag queen–and the right melted down Wednesday 6:09 PM
- Woman says Lyft driver tried to kidnap her Wednesday 5:18 PM
- Debunking the right-wing conspiracy theories from today’s impeachment hearing Wednesday 4:29 PM
- Maroon 5 approves of the latest TikTok trend Wednesday 3:54 PM
- ‘One month left in the decade’ meme wants to know what you’ve accomplished Wednesday 3:53 PM
- Facebook Pay is the latest way to send your friends money Wednesday 3:31 PM
- Diving into ‘The Mandalorian’s first big shocker Wednesday 3:17 PM
- Disney+ will allow password sharing—to an extent Wednesday 1:12 PM
- Black server says manager refused to discipline coworkers who sent racist receipt Wednesday 12:47 PM
- Who is Jonah Hauer-King, Disney’s new Prince Eric? Wednesday 12:47 PM
- Cut Katherine Langford ‘Avengers: Endgame’ scene lands on Disney+ Wednesday 12:22 PM
- Planned Parenthood app to show abortion-seeking users their nearest options Wednesday 12:21 PM
- ‘The Imagineering Story’ offers touching insight into Walt Disney’s vision Wednesday 11:57 AM
- YouTube mom who was charged with child abuse dead at 48 Wednesday 11:39 AM
The hackers claimed to have access to 120,000 accounts, but “there are reasons to be skeptical about that figure,” according to BBC’s reporting. BBC spoke to Digital Shadows, a cybersecurity company, which told them such a large breach would likely have been flagged by Facebook. Facebook told BBC it is taking steps to protect other accountholders from being hacked. The company said its servers have not been accessed, and malicious web browser extensions are instead to blame.
“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” Facebook exec Guy Rosen told BBC. He also said the company has reached out to law enforcement to work on removing the websites hosting the hackers, one of which appears to be located in St. Petersburg, Russia.
A post from user FBSaler claimed to sell personal information off Facebook back in September. An examination into the claim by Digital Shadows found that the 81,000 profiles posted online contained private messages. BBC reached out to the owners of five of the profiles and confirmed that the messages were theirs. Another 176,000 accounts also had data leaked.
The areas most affected by this hacking appear to be in Russia and Ukraine, but BBC reports that users in the U.S., U.K., Brazil, and elsewhere are also at risk. Examples of leaked data include photos from a vacation, complaints about family members, and an intimate exchange between lovers.
According to BBC, the main culprits are extensions like “personal shopping assistants, bookmarking applications and even mini-puzzle games.” Facebook said it was one such extension that allowed hackers to gain personal information on users.
BBC Russian Service reached out to the hackers, too, posing as a potential buyer. A reply in English from a “John Smith” claimed the hacked accounts were not connected to those involved in the Cambridge Analytica scandal or the breach in mid-September.
Nahila Bonfiglio reports on geek culture and gaming. Her work has also appeared on KUT's Texas Standard (Austin), KPAC-FM (San Antonio), and the Daily Texan.