Facebook has now detailed what was potentially stolen in the breach it revealed two weeks ago. 30 million users, not 50 million as it initially estimated, had their access tokens stolen by hackers. Users can check Facebook’s Help Center to find out if their information was accessed, and Facebook will send customized alerts to those impacted detailing what was accessed from their account and what they can do to recover. It’s currently not clear if all the information accessed was necessarily scraped.
15 million of the 30 million users had their name plus phone number and/or email accessed. 14 million had that info plus potentially more biographical info accessed, including “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches”. The remaining 1 million users’ information wasn’t accessed.
Facebook’s other apps including Messenger, Messenger Kids, Instagram, WhatsApp, Workplace, and Pages, as well as its features for payments, third-party apps, advertisers, and developers were not accessed.
Unlike most breaches, this one appears to have turned out to be less severe than initially expected. Users seem to already be forgetting about the breach after a short hiccup where they had to log back in to Facebook. It’s possible that this could impact Facebook’s user counts slightly in its Q3 earnings report. But unless a truly nefarious use case for the accessed data is revealed, the breach could fade into the noise of non-stop cybersecurity failures across the web, including Google+’s breach that was covered up and has now prompted the Facebook competitor’s shutdown.