Technology
Hackers stole the private messages of over 81,000 Facebook accounts
REUTERS/Hannibal Hanschke
-
Hackers stole the private messages of more than 81,000
Facebook accounts, and sold them for 10 cents per account,
the
BBC reports. -
Facebook says there’s been no breach in its security,
and that the data was obtained using a dodgy web
extension. -
The BBC reports that many of the users whose details
were stolen are based in Russia and the Ukraine.
Hackers stole the private Facebook messages of over 81,000
accounts, a BBC
investigation has revealed.
The hackers posted ads, one of which was spotted by the BBC on an
English language web forum, offering to sell access to people’s
accounts for 10 cents each.
The BBC discovered the ad in September, which claimed: “We sell
personal information of Facebook users. Our database includes 120
million accounts.” Cybersecurity firm Digital Shadows
investigated the claim, and found that more than 81,000 accounts
put online as a sample contained private messages.
Digital Shadows also confirmed that personal information such as
phone numbers and email addresses from another 176,000 accounts
was published, but that it may have been scraped because the
accounts in question had not hidden it.
The BBC said there was reason to believe the 120 million claim
was exaggerated.
Many of the users affected are reportedly based in the Ukraine
and Russia, although there were users affected in many other
countries including the US, the UK and Brazil. One of the
websites where the hackers posted the data was ascertained to
have been set up in St Petersburg.
The BBC Russian service contacted five Russian users affected by
the hack, and confirmed the messages were theirs. The messages
included holiday pictures, complaints about a son-in-law, and an
“intimate” conversation between two lovers.
Not a Facebook breach
Facebook said the messages were not obtained through a breach in
its security, but rather a dodgy browser extension.
“Based on our investigation so far, we believe this information
was obtained through malicious browser extensions installed off
of Facebook,” said Facebook executive Guy Rosen in a statement
sent to Business Insider.
“We have contacted browser makers to ensure that known malicious
extensions are no longer available to download in their stores
and to share information that could help identify additional
extensions that may be related. We have also contacted law
enforcement and have worked with local authorities to remove the
website that displayed information from Facebook accounts. We
encourage people to check the browser extensions they’ve
installed and remove any that they don’t fully trust. As we
continue to investigate, we will take action to secure people’s
accounts as appropriate.”
Many people add extensions to their browsers, such as ad-blockers
or spell-checkers.
-
Entertainment6 days ago
WordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment7 days ago
Rules for blocking or going no contact after a breakup
-
Entertainment6 days ago
‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment5 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment4 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment5 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment4 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment3 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent