- Privacy group files complaints against Netlifx, Spotify for GDPR violations 3 Months Ago
- Bikini Kill reunion show sale proves the internet is still hell for live music fans 3 Months Ago
- Teen’s photo of Nazi-themed school-dance invite goes viral 3 Months Ago
- Ben Shapiro comes out as pro-baby Hitler in March for Life message 3 Months Ago
- Facebook staffers caught writing 5-star Amazon reviews for Portal speaker 3 Months Ago
- R. Kelly supporters are using #FirstThem to protect him Today 1:55 PM
- Lin-Manuel Miranda tweets his disappointment about Trump and Puerto Rico Today 1:28 PM
- YouTuber Simone Giertz reveals her brain tumor has returned Today 1:07 PM
- ‘Conversations With a Killer: The Ted Bundy Tapes’ feels like a bad one-man show Today 12:37 PM
- Post-cataclysmic sci-fi flick ‘IO’ fails to stand out in its saturated genre Today 12:30 PM
- Trump peddles right-wing ‘prayer rug’ conspiracy Today 11:29 AM
- Summit1G reportedly overtakes Ninja as king of Twitch subscribers Today 11:18 AM
- FCC’s request to postpone net neutrality case denied by federal court Today 11:02 AM
- School employee investigated for yelling, ‘Build the wall,’ at picketing teachers Today 10:50 AM
- Netflix announces staggering viewership for ‘You’—but many are skeptical Today 10:50 AM
TY Lim/Shutterstock (Licensed)
The hackers claimed to have access to 120,000 accounts, but “there are reasons to be skeptical about that figure,” according to BBC’s reporting. BBC spoke to Digital Shadows, a cybersecurity company, which told them such a large breach would likely have been flagged by Facebook. Facebook told BBC it is taking steps to protect other accountholders from being hacked. The company said its servers have not been accessed, and malicious web browser extensions are instead to blame.
“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” Facebook exec Guy Rosen told BBC. He also said the company has reached out to law enforcement to work on removing the websites hosting the hackers, one of which appears to be located in St. Petersburg, Russia.
A post from user FBSaler claimed to sell personal information off Facebook back in September. An examination into the claim by Digital Shadows found that the 81,000 profiles posted online contained private messages. BBC reached out to the owners of five of the profiles and confirmed that the messages were theirs. Another 176,000 accounts also had data leaked.
The areas most affected by this hacking appear to be in Russia and Ukraine, but BBC reports that users in the U.S., U.K., Brazil, and elsewhere are also at risk. Examples of leaked data include photos from a vacation, complaints about family members, and an intimate exchange between lovers.
According to BBC, the main culprits are extensions like “personal shopping assistants, bookmarking applications and even mini-puzzle games.” Facebook said it was one such extension that allowed hackers to gain personal information on users.
BBC Russian Service reached out to the hackers, too, posing as a potential buyer. A reply in English from a “John Smith” claimed the hacked accounts were not connected to those involved in the Cambridge Analytica scandal or the breach in mid-September.
Nahila Bonfiglio reports on geek culture and gaming. Her work has also appeared on KUT's Texas Standard (Austin), KPAC-FM (San Antonio), and the Daily Texan.