Wherever you relocate too, be aware of this situation if you use private chats or messages...
Oh no if you've had private chats on Facebook...Facebook said its security had not been compromised and that the data was likely obtained through malicious browser extensions.
From the link below: Up to 120 million Facebook accounts are 'up for sale for EIGHT PENCE each' online after Russian hackers publish private messages from 81,000 global users.
Private messages from UK, Ukraine, Russia, US, Brazil and elsewhere published.
Hackers were attempting to sell access to the accounts online for 8 pence per profile.
Examples included intimate messages between a couple and holiday photos sent privately over Facebook messenger.
Examples of the messages published included an intimate chat between two lovers, complaints about a son in-law, photos of a recent holiday sent privately between two Facebook friends and a chat about a recent Depeche Mode concert.
The perpetrators claim they have details from a total of 120 million accounts, according to the BBC Russian Service.
Facebook said its security had not been compromised and that the data was likely obtained through malicious browser extensions.
https://www.dailymail.co.uk/sciencetech/article-6345295/Hackers-publish-private-messages-81-000-Facebook-users-globe.html
November 3, 2018
#Hackers #Facebook #PrivateMessages
https://www.dailymail.co.uk/sciencetech/article-6345295/Hackers-publish-private-messages-81-000-Facebook-users-globe.html
Oh no if you've had private chats on Facebook...Facebook said its security had not been compromised and that the data was likely obtained through malicious browser extensions.
From the link below: Up to 120 million Facebook accounts are 'up for sale for EIGHT PENCE each' online after Russian hackers publish private messages from 81,000 global users.
Private messages from UK, Ukraine, Russia, US, Brazil and elsewhere published.
Hackers were attempting to sell access to the accounts online for 8 pence per profile.
Examples included intimate messages between a couple and holiday photos sent privately over Facebook messenger.
Examples of the messages published included an intimate chat between two lovers, complaints about a son in-law, photos of a recent holiday sent privately between two Facebook friends and a chat about a recent Depeche Mode concert.
The perpetrators claim they have details from a total of 120 million accounts, according to the BBC Russian Service.
Facebook said its security had not been compromised and that the data was likely obtained through malicious browser extensions.
https://www.dailymail.co.uk/sciencetech/article-6345295/Hackers-publish-private-messages-81-000-Facebook-users-globe.html
November 3, 2018
#Hackers #Facebook #PrivateMessages
https://www.dailymail.co.uk/sciencetech/article-6345295/Hackers-publish-private-messages-81-000-Facebook-users-globe.html
What’s the date of the next apology tour?
ReplyDeleteJose Pina Coelho Facebook says its security has not been breached and is blaming it on malicious browser extensions.
ReplyDeleteThis is how I got myself banned from Facebook over 2 years ago, after arguing with representatives of Facebook about the lack of security. Didn't appreciate having all these times they felt at being highlighted, and seeing this and seeing the deflection that's coming from Facebook it's no surprise that the trend continues. Wherever you end up, just know that Facebook is not a secure option.
ReplyDeleteI really wonder what platform is safe.
ReplyDeletesanjuro ogawa Exactly.
ReplyDeletesanjuro ogawa Tor.
ReplyDeletetorproject.org - Tor Project | Privacy Online
Shut it down .. g+ are after breach
ReplyDeleteSo you have to log in, and go to a special page so that Facebook can tell you if you've been hacked. Facebook KNOWS who has been hacked. They have their contact details. They could send them a freaking message proactively!
ReplyDeleteBodhipaksa when you feel like you're untouchable, you don't have to be polite.
ReplyDeleteFacebook has indeed some very serious issues.
ReplyDeleteMinds looks good. Steemit + DTube is tough to beat.
ReplyDeleteDon McCollough Please don't post idle speculation concerning events you have no information of. It's not helpful. Thanks.
ReplyDeleteKathie Gifford Good point on the likely source here.
ReplyDeleteKeep in mind that it's major providers such as Facebook, Google, Microsoft, Apple, and Amazon who are most likely to be able to detect and defend against many forms of hacking. And their records are far from perfect.
They are also likely to be primary targets due to size and visibility, which may offset their defencive capabilities.
And if the attacks come from outside the platforms' own security perimiter (e.g., user OS, hardware, browser extensions, or other similar mechanisms) there is little that the platforms themselves can do to prevent the breeches.
What they can do is provide tools to detect them, most especially through canary data which will trip alerts if accessed or utilised. Example: URLs or email addresses present only in data that have no public exposure, and which if accessed indicate that some form of breech was conducted. This is a fairly common audit procedure, though I'm not aware of how widely used it is within the tech industry. It was not at all standard practice as of a few years ago, though things may have progressed since.
Edward Morbius canary data is still something that the IT industry has to learn from the intelligence community.
ReplyDeleteJohn le Carré is mandatory reading for IT Security people.
Jose Pina Coelho And mapmaking. And telephone directories. And banking and credit cards, and ....
ReplyDeleteHrm, does Schneier mention canaries at all? Demming?
Checking a few books, no "canary" entry in Schneier's Secrets and Lies or Garfinkel's Database Nation. Am disappoint.
Edward Morbius see? They still need to read le Carré (and just throw in Machiavelli for good measure).
ReplyDeletePS: I may be imagining things, but I’m 80% sure Niccolò said something on the subject of canary data...
Facebook is the WORST on security and privacy yet people still using it.
ReplyDeleteWhat is the status of Facebook's investigation and what was learned?
ReplyDeleteOn September 25, 2018, we discovered that attackers had exploited a vulnerability caused by the complex interaction of three bugs in our system to obtain access tokens. Tokens can be used, like a digital key, to request certain information through our platform. We acted quickly to secure the site and began an investigation to determine if anyone's Facebook information was accessed and how many users were impacted.
To protect our users while we conducted an investigation, we invalidated the access tokens of almost 90 million accounts that were potentially impacted by the vulnerability. There's no need for anyone to change their passwords, and if you're still having trouble logging back into your account, learn what you can do.
Starting September 28, we notified users who were logged out, explained why we did this and shared what we knew about the attack at that time. You can read more about this incident and our initial response. When we shared this initial response, we were still investigating and didn't yet know if anyone's Facebook information was accessed.
We have now determined that between September 14 and 27, the attackers used the access tokens to get certain Facebook account information from our platform. These access tokens have been since invalidated, which prevents any further access to Facebook account information. Learn more about how this attack took place.
Our investigation is still ongoing, and if we have more information to share, we'll let you know.
Is my Facebook account impacted by this security issue?
Based on what we've learned so far, your Facebook account has not been impacted by this security incident. If we find more Facebook accounts were impacted, we will reset their access tokens and notify those accounts.
How could it be better?