Skip to main content

Facebook hacked, but has found 'no evidence' that user data was compromised

Facebook hacked, but has found 'no evidence' that user data was compromised

Share this story

As one of the largest sites on the internet, there's no doubt that Facebook is a prime target for hackers. It looks like some of those hackers were apparently successful — Facebook has just admitted that its systems were targeted last month in a "sophisticated attack." However, the company was quick to point out that "we have found no evidence that Facebook user data was compromised." It sounds like users have no need to worry at this point, but Facebook is continuing to work with its internal engineering teams, security teams at other companies targeted by the attack, and law enforcement officials in an effort to make sure such an attack doesn't happen again.

As for the attack itself, Facebook says that a "handful" of employees visited a mobile developer website that had been compromised — the site hosted a zero-day exploit that installed malware on those employees' laptops. The malware bypassed the Java sandbox protections; once Facebook reported the vulnerability to Oracle, the company responded with a patch on February 1st to correct the flaw. Facebook said that the laptops were all running up-to-date virus protection software and they immediately fixed the machines and notified law enforcement.

Facebook eventually discovered that other companies by the same attack and has been working with them to prevent other attacks. While Facebook used pretty clear language to state that user data was safe, the company's investigation into the hack continues "to this day." While it's good news that Facebook data appears to be safe, it's still rather worrisome for the billion-plus individuals who've entrusted many, many aspects of their lives to the service.

Update: While Facebook didn't give any real detail on when specifically the attack took place, Ars Technica is reporting that the attacks took place in the same time as attacks on The Wall Street Journal, The New York Times, and Twitter. It also notes that Facebook worked with a third-party to "sinkhole" the attacker's command server, which rerouted the traffic coming to it from other infected machines — this appears to be how Facebook identified the other companies affected by the malware. While on the surface, this incident merely sounds like the result of some Facebook engineers visiting a malware-infected site, the fact that federal law enforcement is continuing this investigation as well as the other recent high-profile hacks may point to a bigger security issue.