Gamasutra is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Gamasutra: The Art & Business of Making Gamesspacer
arrowPress Releases








If you enjoy reading this site, you might also want to check out these UBM Tech sites:


Facebook confirms 30 million people had personal data stolen in breach

Facebook confirms 30 million people had personal data stolen in breach

October 12, 2018 | By Alissa McAloon

October 12, 2018 | By Alissa McAloon
Comments
    1 comments
More: Social/Online



Facebook has released some of the findings of its investigation into the security breach it discovered weeks ago, ultimately reporting that 30 million Facebook users had login access tokens stolen during the attack and that it is now working with the FBI to investigate the attack’s source. 

Those tokens, which were stolen by taking advantage of three software bugs relating to the platform’s View As profile feature, essentially allow an attacker to hijack the Facebook profiles of affected individuals.

While Facebook developer accounts and Oculus profiles were not affected in the breach, the extent of the attack itself makes it something developers that use Facebook both for personal and professional reasons should be aware of. Facebook users can check if they had information stolen from the platform’s help center

Facebook dives into how it tracked down the attack in the first place in the blog post, but ultimately says that 30 million individuals were affected by the breach. The attack started out with the theft of tokens belonging to 400,000 people, which were then used to steal access tokens from the Facebook friends of those 400,000 people and onward until 30 million were hit. 

Of those, 15 million people had their name and contact information accessed while an additional 14 million people had that info plus more specific profile information like “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.” The remaining 1 million had tokens stolen but did not see their personal info accessed.



Related Jobs

innogames
innogames — Hamburg, Germany
[06.12.19]

VIP Account Manager - Forge of Empires
innogames
innogames — Hamburg, Germany
[06.05.19]

Community Specialist - Grepolis (in-house)
Gameloft Ibérica, S.A.U.
Gameloft Ibérica, S.A.U. — Barcelona, Spain
[06.05.19]

Senior Producer (Game Manager)
innogames
innogames — Hamburg, Germany
[05.22.19]

Python Developer - System Administration









Loading Comments

loader image