Facebook has given new information about the hack into your network that he announced two weeks ago. The company has announced that in the next few days it will send personalized messages to affected users to monitor sms, emails or suspicious calls they can receive, as announced by the product vice president, Guy Rosen, in a telephone press conference from the headquarters of the company in Menlo Park (California).
The stolen data can be used by the hackers to pose as friends of possible new victims. The attackers removed from the pirated profiles information about name, gender, marital status, religion, birthday, current city, types of devices used to access Facebook, work, the last 10 places from which they entered the social network and their 15 searches most recent That level of specificity gives many options to hackers to try to pass themselves off as affected by other friends and get information, not only on Facebook but also by email or phone.
FBI executive deputy director Amy Hess said Friday at a rally in Washington, on the sidelines of Facebook's announcement, that the theft of personal data is a growing cybercrime trend: "We see a combined threat: nations that use hackers criminals and also criminal actors whose objective is national security, especially through the theft of personally identifiable information. "That information, especially for 14 million users, is that hackers found on Facebook.
Rosen has repeated again and again that they can not give details of the geographical origin or of the intentions of the hackers because the FBI had specifically asked for it. The vice president of product has admitted that the origin of the victims is "quite broad", but has not gone further by warning of the US federal authorities. The company is also collaborating with the Irish Data Protection Commission. The loss of user data in the European Union could lead to a fine for the social network.
Facebook is not aware, for now, that the stolen data have been used or shared on the Internet: "We have not seen any evidence that any of this data has been used," Rosen said.
Facebook has reduced the total number of affected from the initial 50 million to 29. The error is due, according to Rosen, to the "extreme rapidity" with which they gave the initial information. The 29 million are divided into three groups A first group of 400,000 users whose accounts hackers "already controlled," according to Rosen. That should have allowed Facebook and the FBI to narrow down the origin of the attackers. The other two groups are divided almost equally between 15 and 14 million and their only difference is the depth of data of the profile to which the hackers they had access.
The company has insisted that its other brands -Instagram, WhatsApp or Messenger- were not affected. Facebook also has no evidence that the attackers used access to Facebook accounts to enter other applications that can be accessed with the login of the network, such as Spotify or Tinder.
The credit card information has not been compromised, Rosen said, although the last four figures in the case of some users. This type of detail can give plausibility to a message from phishing, where a hacker poses as a bank and tries to get someone to give information – basically a password – voluntarily.
Rosen has again apologized for the loss of private data of people who had entrusted them, but has also admitted that it is impossible for the data to be completely safe: "There will always be problems, we try to move faster and faster," he explained.