Hackers have reportedly accessed and posted personal Facebook messages from at least 81,000 user accounts. While the social media giant has denied any security breach at its end this time, the leaks seem to have been caused by malicious browser extensions. Reports suggest that private data of as much as 120 million Facebook users could be at risk.
According to the BBC report, perpetrators behind this data leak claim to have access to details from 120 million accounts which they are planning to sell. The report said that the affected accounts could be from the United States, United Kingdom, Russia, Brazil, Ukraine and other parts of the world.
Facebook has assured that necessary steps are being taken to prevent more accounts from falling to the hackers. “We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts,” Facebook executive Guy Rosen was quoted as saying by the BBC.
The breach was detected first in September, when an advertisement by one FBSaler appeared on an internet forum, offering to sell personal information on Facebook users. The people behind the advert claimed to have access to 120 million user accounts. The 81,000 profiles posted online as a sample contained private messages, the BBC report said. The BBC Russian Service even contacted five Russian accounts whose private messages were published online and confirmed that the posts were theirs.
One of the websites where the data from hacked accounts had been published seems to have been set up in St Petersburg. The IP address of this website has also been flagged by the Cybercrime Tracker service as it had been used to spread the LokiBot Trojan, which allows attackers to gain access to user passwords, the report said.