By Sommer Brokaw, UPI
Facebook said Friday that hackers compromised the accounts of 30 million users last month -- about 20 million fewer accounts than it first reported last month.
Out of those 30 million, hackers accessed name and contact details for half of them, Facebook Vice President of Product Management Guy Rosen said in a blog post Friday.
For another 14 million people, hackers accessed the same data along with other profile information like "username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birth date, device types used to access Facebook, education, work," he said.
Attackers did not access any information for the remaining one million users.
The social media company announced the breach Sept. 28 and said at the time 50 million users could have been exposed. The hackers exploited Facebook's "view as" feature, which let people view their own profiles as others would see it.
The hackers had used access tokens to get into the accounts between Sept. 14-27, which have since been invalidated, Facebook said.
Rosen said the attackers, who have not yet been identified, were able to access the private messages of just one of the 30 million affected users.
"If a person in this group was a page admin whose page had received a message from someone on Facebook, the content of that message was available to the attackers," he said.
This messaging breach could have impacted 400,000 users, including political groups.
Some were concerned the 40,000 Facebook-linked third party apps might also have been compromised, but Facebook said they were not.
COMMENTS