Hackers Published Private Messages From 81,000 Facebook Users

Judy Cobb
November 4, 2018

Hackers have gained access to private messages of almost 120 million Facebook accounts and already published such messages from 81,000 accounts for generating money, the BBC reported.

Facebook says that although personal data for each user doesn't appear to have been compromised, they were able to find a probable access point for the intrusion: fraudulent "browser extensions".

"The hackers offered to sell access for 10 cents per account".

"We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores", Guy Rose, Vice President of Product Management at Facebook, was quoted as saying.

Facebook became aware of the website hawking information from user accounts and started investigating about a month ago.

Charlie Nash is a reporter for Breitbart Tech. The group posted a sample of its purported 120 million account haul online and according to cybersecurity firm Digital Shadows, more than 81,000 of those shared profiles contained private messages. But as you'd expect, there are also more sensitive discussions, including "intimate correspondence between two lovers", as the BBC describes it.

Trojans and malicious browser extensions stealing Facebook data is nothing new as BleepingComputer has reported on them in the past.

Trump speaks by phone with China's Xi on trade
The president added that he would have a dinner with Xi at the G20 summit, wherein they would be discussing the issue. At a campaign rally in Columbia, Missouri, on Thursday night he said, "They want to make a deal".

Facebook believes a rogue browser extension is to blame for the theft.

Your private messages on Facebook may be up for sale.

The embattled network has had a bad year for data security and questions will be asked about whether it is proactive enough in responding to situations like this that affect large numbers of people.

The BBC also emailed the hackers, pretending to be interested in purchasing 2 million account details.

A reply in English came from someone calling themself John Smith. However, the data on them could have been scraped from publicly-available information. This seems unlikely, however, as Facebook would have noticed such a substantial breach, according to cyber-security company Digital Shadows, which has been working with the BBC.

John Smith did not explain why he had not advertised his services more widely. Upon further investigation, BBC learned that the new data breach was not linked with the Cambridge Analytica scandal or the recent data breach in September.

Other reports by

Discuss This Article