- Hackers stole the private messages of more than 81,000 Facebook accounts, and sold them for 10 cents per account, the BBC reports.
- Facebook says there’s been no breach in its security, and that the data was obtained using a dodgy web extension.
- The BBC reports that many of the users whose details were stolen are based in Russia and the Ukraine.
Hackers stole the private Facebook messages of over 81,000 accounts, a BBC investigation has revealed.
The hackers posted ads, one of which was spotted by the BBC on an English-language web forum, offering to sell access to people’s accounts for 10 cents each.
In September, the BBC discovered the ad, which claimed: “We sell personal information of Facebook users. Our database includes 120 million accounts.” Cybersecurity firm Digital Shadows investigated the claim and found that more than 81,000 accounts put online as a sample contained private messages.
Digital Shadows also confirmed that personal information such as phone numbers and email addresses from another 176,000 accounts was published, but said it may have been scraped because the accounts in question had not hidden it.
The BBC said there was reason to believe the 120 million claim was exaggerated.
Many of the users affected are reportedly based in the Ukraine and Russia, although there were users affected in many other countries including the US, the UK and Brazil. One of the websites where the hackers posted the data was ascertained to have been set up in St Petersburg.
The BBC Russian service contacted five Russian users affected by the hack, and confirmed the messages were theirs. The messages included holiday pictures, complaints about a son-in-law, and an “intimate” conversation between two lovers.
Not a Facebook breach
Facebook said the messages were not obtained through a breach in its security, but rather a dodgy browser extension.
“Based on our investigation so far, we believe this information was obtained through malicious browser extensions installed off of Facebook,” said Facebook executive Guy Rosen in a statement sent to Business Insider.
“We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts. We encourage people to check the browser extensions they’ve installed and remove any that they don’t fully trust. As we continue to investigate, we will take action to secure people’s accounts as appropriate.”
Many people add extensions to their browsers, such as ad-blockers or spell-checkers.