Facebook tentatively concludes spammers were behind recent data breach


Facebook's investigation is continuing since its security team first detected the breach on September 25.

The social network us Facebook think that mass piracy of data recently revealed, was orchestrated by "spammers" and not by a country for political purposes, says the "Wall Street Journal" on Tuesday. "The FBI is actively investigating and have asked us not to discuss who might be behind the attack".

The Journal reported Thursday that the hack was committed by a group of Facebook and Instagram spammers who have been associated with a digital marketing company.

Among the user data stolen by hackers were birthdates, phone numbers, search history and even recent locations the users had "checked in" at. It was taken into account that a "usual suspects" country is behind the hack, for example Russian Federation or North Korea.

Facebook said it was conducting an internal investigation into the incident and last week cut the number of affected users from its original estimate after investigators reviewed activity on accounts that may have been affected.

On top of that, a further 14 million users had other details like gender, locale/language, relationship status, and religion retrieved, on top of the previous data.

Credit: Chinnapong/ShutterstockFacebook originally estimated that up to 50 million people were affected by an attack on the site announced on September 28 and shrank that number down to 30 million a few weeks later.

In addition to Facebook, the Federal Bureau of Investigation and the privacy watchdog in Ireland, where the company's global headquarters is located, also investigate the case. Another 15 million users only had their name and contact info accessed, while the final 1 million users just had their access tokens stolen-digital passes that let a user log in to their account without needing to type in a password.

These tokens allow access to any part of a user's Facebook account, but the spammers only accessed a limited set of information compared to what they could've taken. Facebook users are also able to check whether they were victim of the intrusion by going to Facebook's help pages.