Hackers appear to have compromised and published private messages from at least 81,000 Facebook users' accounts.
The perpetrators told the BBC Russian Service that they had details from a total of 120 million accounts, which they were attempting to sell, although there are reasons to be sceptical about that figure. Facebook said its security had not been compromised. And the data had probably been obtained through malicious browser extensions. Facebook added it had taken steps to prevent further accounts being affected. The BBC understands many of the users whose details have been compromised are based in Ukraine and Russia. However, some are from the UK, US, Brazil and elsewhere. The hackers offered to sell access for 10 cents (8p) per account. However, their advert has since been taken offline. "We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores," said Facebook executive Guy Rosen. "We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."
The breach first came to light in September, when a post from a user nicknamed FBSaler appeared on an English-language internet forum. "We sell personal information of Facebook users. Our database includes 120 million accounts," the user wrote. The cyber-security company Digital Shadows examined the claim on behalf of the BBC and confirmed that more than 81,000 of the profiles posted online as a sample contained private messages. Data from a further 176,000 accounts was also made available, although some of the information - including email addresses and phone numbers - could have been scraped from members who had not hidden it.The BBC Russian Service contacted five Russian Facebook users whose private messages had been uploaded and confirmed the posts were theirs.
Who should be blamed?
Personal shopping assistants, bookmarking applications and even mini-puzzle games are all on offer from various browsers such as Chrome, Opera and Firefox as third-party extensions. The little icons sit alongside your URL address bar patiently waiting for you to click on them. According to Facebook, it was one such extension that quietly monitored victims' activity on the platform and sent personal details and private conversations back to the hackers. Facebook has not named the extensions it believes were involved but says the leak was not its fault. Independent cyber-experts have told the BBC that if rogue extensions were indeed the cause, the browsers' developers might share some responsibility for failing to vet the programs, assuming they were distributed via their marketplaces. But the hack is still bad news for Facebook.