October 12, 2018
Facebook shared Friday the results of an investigation into the company’s recent data breach.
The company said an exploit in the website’s “View As” feature, which existed between July 2017 and September 2018, allowed attackers to steal access tokens and take over users’ accounts.
Facebook announced that 30 million people had their access tokens stolen because of the breach.
One group of 15 million people saw the attackers access users’ names and contact details — their phone number, their email, or both.
A second group of 14 million people saw the attackers access users’ names, contact details, and other information from their profiles, including gender, current city, device types used to access Facebook, the last 10 places they checked into, and their 15 most recent searchers.
A lucky third group of 1 million people did not have any information accessed by the attackers.
Was your account affected by the security breach? If you’re not sure, here’s what to do.
Head to this link on Facebook’s Help Center, where you’ll find this page:
If you scroll down the screen, below the summary of the investigation, you’ll find a box where Facebook gives you a yes or no answer on whether your account was affected:
In either case, whether you find a yes or a no, it might be a good idea to change your password anyway.