How to check which Facebook hackers have accessed your account

New York: Could hackers have seen the last person you cyberbooted or the photo of the party on which you were tagged? According to Facebook, the unfortunate response is "yes".

On Friday, the social network said that fewer users were affected by a security breach revealed two weeks ago compared to initial estimates, nearly 30 million, down from its original estimate of 50 million pf.

Read more:

Facebook hacking victims do not enjoy protection against identity theft
Chile reports piracy of 14,000 credit cards
Police: hackers steal some of the blackmail victims' passwords

Other good news, the company said that hackers were not able to access more sensitive information such as your password or financial information. And third-party applications have not been affected.

Nevertheless, for users already worried about the privacy and security of their Facebook accounts after a tumultuous year, the details that hackers had access to – sex, relationship status, hometown and other information – could be even more disturbing.

Facebook was quick to allow users to check exactly what was viewed.

Beware of suspicious emails or SMS

But beyond the acquisition of the information that attackers have accessed, users can do little beyond – that is, monitor e-mails or suspicious texts.

Facebook says the problem has been fixed.

The company has set up a website that its 2 billion global users can use to check if their accounts have been viewed and, if so, what information has been stolen.

It will also tell you how to detect and handle emails or suspicious texts.

Facebook will also send messages directly to people affected by the hacking.

On this page, after some preliminary information on the survey, the question "Is my Facebook account affected by this security problem?" Appears halfway through.

It will also provide specific information to your account if you are logged in to Facebook.

What hackers accessed

Facebook said hackers had accessed names, e-mail addresses or phone numbers from these accounts. For 14 million of them, hackers received even more data – basically everything your friends could see on your account, and more. This is a pretty lengthy list: user name, gender, location or language, relationship status, religion, hometown, current city declared, date of birth, types of devices used to access to Facebook, to education, to work, to the last 10 places visited or have been tagged in your website, the people or pages you follow and your 15 most recent searches.

One million additional accounts were affected, but hackers did not receive any information from them.

The company does not indicate where these users are, but says that the flaw was "wide enough". She plans to send messages to people whose accounts have been hacked.

Facebook said the FBI was investigating but asked the company not to discuss people likely to be behind the attack. The company said it did not rule out the possibility of smaller attacks using the same vulnerability.

The company said it fixed the bugs and disconnected affected users to reset these digital keys.

Facebook vice president, Guy Rosen, said during a conference call Friday with reporters that the company had not ruled out the possibility that other parties have launched others. efforts on a smaller scale to exploit the same vulnerability before it is disabled.

Patrick Moorhead, founder of Moor Insights & Strategy, said the breach appeared as a violation of identity theft that occurred in companies such as Yahoo and Target in 2013.

"This personal information could very easily be used for identity theft when registering credit cards, getting a loan, getting your bank password, etc.," he said. . "Facebook should provide all these customers with free credit monitoring to ensure that damage is minimized."

Thomas Rid, a professor at Johns Hopkins University, also said the evidence, particularly the magnitude of the violation, seemed to indicate a criminal rather than a sophisticated state operation, which usually targeted fewer people.

"It does not seem very focused at all," he said. "Usually, when you're looking at a sophisticated government operation, a few thousand hacked people, that's a lot, but they usually know who they're talking to."