Facebook has tentatively concluded that spammers masquerading as a digital marketing company were behind the massive security breach revealed last month, and not hackers working for a nation-state, the Wall Street Journal reported late Wednesday.
Facebook has been investigating the hack, which it calls the biggest security breach in its history, since its discovery on Sept. 25. The social network originally suspected as many as 50 million user accounts were affected but now believes it compromised the personal information for 29 million users, including phone numbers and email addresses.
The breach stemmed from a vulnerability in Facebook’s “view as” feature, which lets people see what their profiles look like to other people. Attackers exploited code associated with the feature that allowed them to steal “access tokens” that could be used to take over people’s accounts. The attackers also used a technique that let themĀ steal access tokens from the friends of the accounts they already controlled, expanding their reach.
Facebook has said it’s working with the FBI, which asked it not to discuss who might be behind the attack or whether they were targeting anyone in particular. But it’s also said there’s no reason to believe the breach was related to the upcoming US midterm elections.
The company declined to comment on the hack Wednesday, reiterating comments made Friday by Guy Rosen, Facebook vice president of product management.
“We are cooperating with the FBI on this matter,” Guy said. “The FBI is actively investigating and have asked us not to discuss who may be behind this attack.”
Cambridge Analytica: Everything you need to know about Facebook’s data mining scandal.
iHate: CNET looks at how intolerance is taking over the internet.