Private Facebook conversations of some 81,000 users were posted after hackers used third-party browser extensions to monitor communication between users, according to a new report.
So far only 81,000 users had their conversations leaked online but, according to the group that obtained all the data, over 120 million accounts could be affected.
While this might sound reminiscent of the recent Facebook hack that compromised the personal data of some 30 million users that also happened last month, this attack is different than – and completely unrelated to – that previous attack.
How it differs is that Facebook security itself hasn’t been compromised – according to the BBC’s investigative team, hackers were using browser extensions to collect the data. These hackers were also only able to obtain Facebook conversations – snippets of text sent between users – rather than users’ personal information that’s stored on Facebook servers.
The other key difference between the two hacks are the targets: the personal information that was stolen seemed primarily to focus on American accounts while the more recent browser hack targeted users living in Ukraine and Russia. Some conversations are from the UK, US, Brazil and elsewhere, but these countries’ users weren’t the primary targets.
Why Facebook Messenger conversations?
Once hackers obtained conversations, they proceeded to sell them online for 10 cents (8 British pence) per account – a small sum that multiplied by 81,000 could’ve been a lucrative haul for the hackers were they not shutdown by local police.
To verify the information contained in the conversations were real, the BBC Russian Service in collaboration with a cyber-security company Digital Shadows contacted the victims who all confirmed that those conversations really happened.
When asked about a possible connection to the Russian state or Kremlin-run programs like the Internet Research Agency, a representative for the hacking group only identified as John Smith said there was no connection.
In response to the story, Facebook executive Guy Rosen told the BBC that the company has “Contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” and “Have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”
While this, in no way, is Facebook’s fault and falls more on browser developers like Safari, Firefox and Chrome who didn’t properly vet some of these extensions, it’s not good optics for a company still in the hot seat after the Cambridge Analytica scandal.