BBC Russian Service is reporting that a group of hackers has intercepted account information and private messages from at least 81,000 Facebook user accounts. Some of the data was posted for sale on online forums back in September. BBC confirmed with five users that the data the hackers have is theirs.
So, how worried should you be? And what should you do to protect yourself? Let’s take a look at the details and I’ll tell you my opinion.
Facebook has not been hacked
This is the first and most important thing you should note. No one has gained access to Facebook’s servers or leaked data directly from Facebook. The source of the compromise is a malicious browser extension. No one from Facebook or any of the browser developers have identified which extension is the culprit, however. But the fact that they are aware of it means that it’s probably been removed from the browser stores, if it was ever on them in the first place.
No credentials have been reported stolen
The hackers are saying that they have account details from Facebook accounts. This includes names, email addresses, and phone numbers. It’s worth noting that, depending on your privacy settings on Facebook, some of this data can be gleaned without any sort of hacking.
Nowhere in the report does it say that the hackers have usernames or passwords.
All the users who confirmed their private messages had been stolen are Russian
Of the supposed 81,000 users compromised, BBC Russian Service contacted five, all of whom were Russian, and all of whom confirmed that the stolen messages were legitimate. It doesn’t appear that anyone from the U.S. or the U.K. have confirmed that their messages appear in the hackers’ database.
Law enforcement officials are not cited in the BBC piece
Again, this is a hacking group (probably Russian) that reached out to the BBC Russian Service and confirmed that some private messages from Russian Facebook users appeared in a database of aggregated Facebook data. Typically, when there is a credible cybersecurity threat, you have government organizations or investigation bureaus weighing in and advising users on how to mitigate the damage and stay safe. While the BBC Russian Service article cites some independent security firms, it doesn’t appear that any government agencies have flagged this as a major threat.
Conclusion: Should you be worried?
This is no WannaCry. This is no Yahoo! email breach.
If anything, this is a cautionary tale to be wary of the browser extensions you install. Stick to extensions and plugins that come from the official browser stores, like the Chrome Web Store or the Firefox Add-ons page.
It doesn’t seem like this group of hackers has anything super salacious. Nor does it sound like they’ve exposed or exploited a major vulnerability in Facebook’s security.
What’s peculiar to me is that they have focused on Facebook users in their messaging and in this BBC Russian Service piece. If a malicious browser extension were to find its way onto your computer, the amount of personal information that it could compromise would extend far beyond Facebook. It could just as easily capture text or screenshots from Gmail, Twitter, your bank’s website, your corporate webmail, or any other site.
So, why single out Facebook? Seems fishy.
I’d take this story with a grain of salt. Be wary and discerning of all third-party browser plugins, of course. But don’t let this be the reason you are worried about Facebook and your privacy.