Mark Zuckerberg’s propaganda machine suffers another hack
While Facebook was busy meddling in the US Midterms by taking down hundreds of conservative accounts this week, Mark Zuckerberg’s “social” media platform was hacked, again.
Hackers stole the contact information of almost 30 million users, including names, emails, and phone numbers.
Of the hacked users, 14 million had more in-depth data stolen such as hometown, birthdate, check-in information, and even their recent searches.
Two weeks ago, the social media giant revealed another security breach and said it had “not ruled out the possibility of smaller-scale attacks.”
According to Sky News, Facebook says the attack “did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.”
The hack came after a feature called “View As,” which allows users to see what their profile looks like to someone else, became vulnerable.
That stemmed from a change the California-based company made to its video uploading feature in July 2017.
Guy Rosen, Facebook’s vice president of product management, said staff had been “working around the clock to investigate.”
He added: “We’re cooperating with the FBI, which is actively investigating and asked us not to discuss who may be behind this attack.”
The accounts were targeted after the hackers initially stole the access tokens of “about 400,000 people,” using an “automated technique to move from account to account.”
Access tokens work as digital keys, letting those who hold them log into Facebook accounts without entering a password.
“This technique automatically loaded those accounts’ Facebook profiles, mirroring what these 400,000 people would have seen when looking at their own profiles,” Facebook said.
“That includes posts on their timelines, their lists of friends, groups they are members of, and the names of recent Messenger conversations.”
Facebook said people could check whether they were affected by going to its help center.
It also said it would be sending “customized messages to the 30 million people affected to explain what information the attackers might have accessed.”