Earlier this year, Facebook came under fire for sharing heaps of data for over 87 million users with Cambridge Analytica. As if the company wasn't already having a tough time regaining the trust of its user base, Facebook's now announced that information for around 30 million people was exposed during an attack it shut down in September.
Here's everything you need to know.
Between July 2017 and September 2018, attackers accessed Facebook and created a security vulnerability that allowed them to retrieve access tokens to take over people's accounts.
Facebook says it noticed "an unusual spike of activity" on September 14, and on September 25, determined that it was being attacked.
Within two days, we closed the vulnerability, stopped the attack, and secured people's accounts by restoring the access tokens for people who were potentially exposed.
Facebook originally estimated that up to 50 million users had their information exposed, but that number has since dropped down to around 30 million. Of that number, 15 million users had their name and contact info (phone number and/or email) compromised while another 14 million lost that and their gender, Facebook username, location, language, relationship status, hometown, religion, current area of residence, birthdate, devices used to access Facebook, work, education, and more.
For the remaining 1 million, Facebook says that no information was compromised.
This attack did not affect Facebook Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, any third-party apps, or developer/advertising accounts.
What's Facebook doing?
Facebook is working with the FBI to determine exactly how this happened, and per the official press release, the FBI's asked Facebook "not to discuss who may be behind the attack."
The 30 million affected users will see customized messages on the Facebook app and website to let them know what info of theirs was stolen, and the company's Help Center has also been updated with new information about the attack.
What can you do to protect yourself?
Facebook says it'll be reaching out to users to tell them what next steps they should take, but as always with these attacks, there are a few things you can do right now to ensure you're taking the right steps.
For starters, it's never a bad idea to reset your password when something like this happens. Also, if you're still not using a password manager or two-factor authentication, now's a good time to change that.
We may earn a commission for purchases using our links. Learn more.
Windows Hello is now more accurate with new Windows 10 updates
A new cumulative update is now rolling out for Windows 10 versions 1909 and 1903. This latest round of fixes includes an update to the accuracy of Windows Hello, along with several other tweaks.
Microsoft Edge Dev channel snags 3D view for developers in latest update
A fresh update is rolling out to the Microsoft Edge Dev channel today, bringing a 3D view tool for developers and more. Microsoft has also confirmed it's discussing bringing back features like "Set Aside" for tabs.
Microsoft's Project Tokyo uses AI to help blind people recognize faces
A new post from Microsoft shares how a converted HoloLens and Project Tokyo help blind people recognize faces. Spatial audio and well-designed cues help people and tech work together to improve conversations.
Best stands for your WMR headset
You need somewhere to keep your Windows Mixed Reality headset safe when it's not on your head, right? Well, you need a good stand and we have the best ones right here.