In an update on its investigation into the incident, Facebook states that it has invalidated the access tokens of nearly 90 million accounts that may have been impacted.
Social networking giant Facebook has released more details of the attack on its system that saw the personal details of its users exposed through token manipulation, reducing its scope from 50 million to 30 million accounts.
Facebook announced that the recent data breach it has suffered is a little less massive than initially thought: "only" 30 million users have been affected.
Facebook's lead European Union data regulator, the Irish data protection commissioner, last week opened an investigation into the breach.
Twenty-nine million accounts had some form of information stolen. As a precaution, it also turned off View As.
Facebook said it will send a message to the 30 million users affected in the coming days.
Facebook, the world's largest social media network with more than 2 billion users, has faced rising criticism that it has failed to protect people's privacy.
Meanwhile, 14 million people lost all their personal information as well as the username, date of birth, gender, devices you used Facebook on, and your language settings.
"Tens of millions of people impacted by the Facebook data breach are likely to find that they have now become intertwined in systematic phishing campaigns that will persistently target them and the organizations they work for for a long time", Oren Falkowitz, CEO of security firm Area 1 Security, said in an email.More news: California deputies use Doritos to lure wayward pig back home
More news: Astros possibly caught cheating in ALCS Game 1
More news: Netflix is finally taking India seriously, its earnings numbers show
At the time, CEO Mark Zuckerberg - whose own account was compromised - said attackers would have had the ability to view private messages or post on someone's account, but there's no sign that they did.
Regulators around the world have ongoing inquiries into another matter that came to light in March: How profile details from 87 million Facebook users were improperly accessed by political data firm Cambridge Analytica.
Other obvious things that could prove you were hacked are: unwanted changes of your name, birthday, email or password.
Patrick Moorhead, founder of Moor Insights & Strategy, said the breach appeared similar to identity theft breaches that have occurred at companies including Yahoo and Target in 2013. The company said that there is also a possibility of smaller-scale attacks that used the same kind of vulnerability.
"This doesn't sound very targeted at all", he said.
Facebook said the FBI is investigating, but asked the company not to discuss who may be behind the attack.
Facebook said the attack did not affect Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, advertising or developer accounts.
It is not clear who was behind the hack.