Facebook now admits hackers in the security breach revealed two weeks ago stole a lot of sensitive information from millions of users.
The news: Facebook said in a blog post that it now thinks some 30 million users, rather than 50 million, were affected by a recent breach that allowed hackers to steal personal data. However, 14 million of them had details such as their religion, birthplace, and place of work exposed. The remaining 16 million either suffered no data loss or had only their e-mail and/or other contact details stolen. Previously, Facebook had said it didn't know what, if any, information was compromised.
Are you a victim? Check Facebook's help center to see if your data was leaked. The company also plans to contact anyone who may have lost data, offering advice on dealing with things like suspicious e-mails. That’s laudable, but it’s a shame Facebook’s own security wasn’t tight enough in the first place to stop hackers from compromising the digital keys that let users stay connected to it without having to log in on each visit.
Whodunnit? The social network says the FBI has asked it not to comment on who may have been responsible for the attack while the Feds investigate.
Any more leaks? Facebook says its other apps and services, including Messenger, Instagram, and WhatsApp, weren't affected by the hack. That’s some consolation, but it nonetheless highlights the risk of running several services that share user data among them. (That increasing integration was among the reasons both Instagram's and WhatsApp's founders left Facebook this year.) It will no doubt add to the questions coming from lawmakers and regulators on both sides of the Atlantic about whether one company should be allowed to control so many services.