Facebook reportedly concludes spammers, not nation-state, behind breach


Facebook has tentatively concluded that spammers masquerading as a digital marketing company were behind the massive security breach revealed last month, and not hackers working for a nation-state, the Wall Street Journal reported late Wednesday.

Facebook believes the attackers are a group of Facebook and Instagram spammers, known to Facebook security, who pass themselves off as a digital marketing company, the Journal reported.

Facebook has said it's working with the Federal Bureau of Investigation, which asked it not to discuss who might be behind the attack or whether they were targeting anyone in particular.

The issue of data breach on its platform was first disclosed by Facebook in late September and it had said that the issue has been fixed soon after the discovery by the company on September 25. It was taken into account that a "usual suspects" country is behind the hack, for example Russian Federation or North Korea.

On top of that, a further 14 million users had other details like gender, locale/language, relationship status, and religion retrieved, on top of the previous data.

More news: Jenelle Evans Reportedly Called the Cops on David Eason
More news: Pompeo meets Saudi king, prince on writer's disappearance
More news: Another Trump-branded building is stripping the president's name

According to the preliminary findings of the internal investigation of Facebook, these crooks were trying to earn money with ads of the type "spam" and were obviously not pirates in the pay of a foreign country, says the economic daily, citing an anonymous source close to the investigation.

Credit: Chinnapong/ShutterstockFacebook originally estimated that up to 50 million people were affected by an attack on the site announced on September 28 and shrank that number down to 30 million a few weeks later. Once that vulnerability was exploited, the attackers could steal the access tokens used to let people use their accounts without having to log in every time to do so.

Facebook has warned that attackers had obtained access tokens for all of the breached accounts, which it has since invalidated.

The perpetrators only accessed a "limited subset of the data" that could have been harvested, according to the report, with contact details such as email addresses and phone numbers being the priority. But beyond learning what information the attackers accessed, there is relatively little that users can do beyond watching out for suspicious emails or texts.

Users can check whether they were affected, and what information was accessed, by visiting Facebook's help center.