The content of pirated private messages from at least 81,000 Facebook accounts has been selling online, according to the BBC. The security breach was discovered for the first time in September after one of the hackers published the stolen data in a forum. The details of the messages were obtained after the users downloaded a malicious browser extension which then took the information from their accounts.
The hackers then sold access to information for 10 cents per account. This group ensures that its database includes 120 million accounts, but that amount could not be confirmed by external experts in cybersecurity.
“We have contacted browser developers to ensure that the malicious extensions identified are no longer available for download in their stores,” Facebook executive Guy Rosen told the BBC. After being notified of the attack, Facebook contacted the police to remove the stolen information from the platforms where it was published.
Read more: Hackers expose secret projects by breaching Russian Intelligence contractor SyTech
The BBC discovered the ad in September, which claimed: “We sell personal information of Facebook users. Our database includes 120 million accounts.” Cybersecurity firm Digital Shadows investigated the claim and found that more than 81,000 accounts put online as a sample contained private messages.
Digital Shadows also confirmed that personal information such as phone numbers and email addresses from another 176,000 accounts was published, but that it may have been scrapped because the accounts in question had not hidden it.
Many of the compromised accounts are from Russia and Ukraine, but some also belonged to US users. Includes United States, United Kingdom, and other places.
This has not been the only security problem of the platform in recent months. In September, Facebook announced that hackers could obtain private details of almost 30 million accounts (originally estimated at 50 million) through a failure in the “See as” function of the platform. The hackers have not yet been identified.
That’s all for now. Please leave your feedback in the comment section below.