Private Facebook conversations of some 81,000 users were posted after hackers used third-party browser extensions to monitor communication between users, according to a new report.
So far only 81,000 users had their conversations leaked online but, according to the group that obtained all the data, over 120 million accounts could be affected.
While this might sound reminiscent of the recent Facebook hack that compromised the personal data of some 30 million users that also happened last month, this attack is different than – and completely unrelated to – that previous attack.
How it differs is that Facebook security itself hasn’t been compromised – according to the BBC’s investigative team, hackers were using browser extensions to collect the data. These hackers were also only able to obtain Facebook conversations – snippets of text sent between users – rather than users’ personal information that’s stored on Facebook servers.
The other key difference between the two hacks are the targets: the personal information that was stolen seemed primarily to focus on American accounts while the more recent browser hack targeted users living in Ukraine and Russia. Some conversations are from the UK, US, Brazil and elsewhere, but these countries’ users weren’t the primary targets.
Why Facebook Messenger conversations?
To verify the information contained in the conversations were real, the BBC Russian Service in collaboration with a cyber-security company Digital Shadows contacted the victims who all confirmed that those conversations really happened.
When asked about a possible connection to the Russian state or Kremlin-run programs like the Internet Research Agency, a representative for the hacking group only identified as John Smith said there was no connection.
The BBC Russian Service emailed the address listed alongside the hacked details, posing as a buyer interested in buying two million accounts’ details.
The advertiser was asked whether the breached accounts were the same as those involved in either the Cambridge Analytica scandal or the subsequent security breach revealed in September.
In response to the story, Facebook executive Guy Rosen told the BBC that the company has “Contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” and “Have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”
While this, in no way, is Facebook’s fault and falls more on browser developers like Safari, Firefox and Chrome who didn’t properly vet some of these extensions, it’s not good optics for a company still in the hot seat after the Cambridge Analytica scandal.