1. Home
  2. Hackers accessed data of 30 million Facebook users

Hackers accessed data of 30 million Facebook users

Agencies
October 13, 2018

Washington, Oct 13: Social media giant Facebook, which has its largest user base in India, said that a recent hacking into its system has affected about 30 million users.

Facebook product management vice president Guy Rosen on Friday said the cyber attackers exploited a vulnerability in Facebook's code that existed between July 2017 and September 2018.

The vulnerability has now been fixed, but not before the attackers used an automated technique to move from account to account so they could steal the access tokens of users, their friends, friends of their friends, and so on, totalling about 400,000 people.

"The attackers used a portion of these 400,000 people's lists of friends to steal access tokens for about 30 million people. For 15 million people, attackers accessed two sets of information, name and contact details -- phone number, email, or both, depending on what people had on their profiles," Rosen said.

For another 14 million people, the attack was potentially more damaging as the hackers accessed both their name and contact details as well as other details like username, gender, location, language, relationship status, religion, hometown, date of birth, device types used to access Facebook, education, work details, places they have recently "checked in" to as visiting, people or pages they follow and the 15 most recent searches.

For the remaining one million people whose access token were stolen, the attackers did not access any information, Rosen said. He said users' accounts have already been secured by the Facebook two weeks ago and they do not need to log out again or change their passwords. The attack did not affect Facebook-owned Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, third-party apps, payments, Pages, and advertising or developer accounts, the company said.

Asserting that Facebook is still looking at other ways the hackers may have used the platform, Rosen said, "People's credit card information would not have been visible to the attackers, as we do not display full credit card numbers -- not even to the account holder."

"We haven't ruled out the possibility of smaller-scale, low-level access attempts during the time the vulnerability was exposed. Our investigation into that continues," he said.

Facebook has been cooperating with the FBI, the US Federal Trade Commission, the Irish Data Protection Commission and other authorities.

"We don't have a specific indication of the intention of the attackers. And as we have said, we are cooperating with the FBI in an active investigation. As part of the information that we will be sharing with users over the coming days, we will be including information as to how they can watch out for any suspicious e-mails or text messages or things of that sort," Rosen said.

Responding to a question, he said, the company will be notifying people through Facebook so that they can understand what information was accessed from their account and which group they were part of.

"We will also work to contact people who may not be on Facebook any longer," he said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
June 3,2020

New Delhi, Jun 3: Over 1 lakh scanned copies of Indians' national IDs, including Aadhaar, PAN card and passport, have been put on dark web for sale, cyber intelligence firm Cyble said on Wednesday.

The leaked data seems to have originated from a third party and not from the government system, according to a report by Cyble.

"We came across a non-reputed actor who is currently selling over 1 lakh Indian National IDs on the dark net. With such a low reputation, ideally, we would have skipped this; however, the samples shared by the actor intrigued our interest -- and also the volume. The actor is alleged to have access to over 1 lakh IDs from different places in India," Cyble said.

The personal data leaked by cyber criminals leads to various nefarious activities such as identity thefts, scams, and corporate espionage. Many criminals use the personal details in the IDs to win trust of the people over a phone call for fraudulent activities.

Cyber criminals leak personal data of 2.9 cr job-seeking Indians on dark web for free

The Cyble researchers acquired around 1,000 IDs from the seller and confirmed that the scanned IDs belong to Indians.

"Preliminary analysis suggests that the data originated from a third party, and no indication or artefact is indicating that it came from a government system. At this point, Cyble researchers are still investigating this further -- we are hoping to share an update soon," Cyble said.

The scanned ID documents indicate that the data may have been leaked from a company's data base in the segment where they have to comply with 'Know Your Customer' (KYC) norms.

"Cyble researchers have also learned about a surge in KYC and banking scams -- leaks such as this are often used by scammers to target individuals, especially elderlies," Cyble said.

The cyber intelligence firm has recommended people to refrain from sharing personal information especially financial information over phone, e-mail or SMS.

"Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately," the company said.

In May, Cyble showed two instances where personal data of 7.65 crore Indians have been put on sale in the dark web. In one instance, the seller claimed to have sourced data of 4.75 crore Indians from online directory Truecaller and in other, the seller claimed to have sourced from job websites.

Truecaller, however, had denied the claim of breach in its database.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
February 1,2020

New Delhi, Feb 1: India on Friday banned the export of personal protection equipment such as masks and clothing amid a global coronavirus outbreak.

It did not give a reason for the ban but it reported its first case of the new coronavirus on Thursday, a woman in Kerala who was a student of Wuhan University in China.

The central Chinese city of Wuhan is the epicentre of the outbreak, and the virus has since spread to more than 9,800 people globally and killed 213 people in China.

Several Indian citizens living in Wuhan will arrive in India by plane on Saturday and be taken to a quarantine centre on the outskirts of the capital New Delhi.

India, the world’s second most heavily populated country after China, has taken measures to ensure that all people arriving from China report to health authorities.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 9,2020

May 9: Union Home Minister Amit Shah has said the West Bengal government is not allowing trains with migrant workers to reach the state that may further create hardship for the labourers.

In a letter to West Bengal Chief Minister Mamata Banerjee, Shah said not allowing trains to reach West Bengal is "injustice" to the migrant workers from the state.

Referring to the 'Shramik Special' trains being run by the central government to facilitate transport of migrant workers from different parts of the country to various destinations, the home minister said in the letter that the Centre has facilitated more than two lakh migrants workers to reach home.

Shah said migrant workers from West Bengal are also eager to reach home and the central government is also facilitating the train services.

"But we are not getting expected support from the West Bengal. The state government of West Bengal is not allowing the trains reaching to West Bengal. This is injustice with West Bengal migrant labourers. This will create further hardship for them," Shah wrote.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.