The personal messages of more than 80,000 Facebook users were reportedly accessed and posted by hackers in November. The social media company denied any security breach, saying the leaks appear to have been caused by rogue browser extensions.
Private data and personal messages of around 120 million Facebook users at risk
An investigation found that Russian hackers were trading personal messages from Facebook of over 81,000 users online. A report by the BBC Russian Service said that the perpetrators told them they had details “from a total of 120 million accounts, which they were attempting to sell, although there are reasons to be skeptical about that figure.”
The BBC report further that the accounts affected by this attack could be from Russia, Ukraine, United Kingdom, Brazil, the United States and other parts of the world.
BBC quoted a Facebook executive as saying, “We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”
Facebook told the BBC News that the hack was due to a browser extension which silently monitored the activity of the victims on the site and sent private conversations and personal details back to the hackers. The company did not name any extensions it believed to have caused the attack.
The BBC cited independent cyber-experts as saying that the browser developers might share some responsibility for failing to evaluate the programs if malicious extensions were indeed actually the cause and were distributed via their marketplaces.
The hackers behind the breach, which was first detected in September, could potentially have access to 120 million user accounts.