START A PETITION 25,136,189 members: the world's largest community for good
START A PETITION
x

Facebook Hacked, User Data Not Compromised ( Seriously? Believe It? Not on Your Life!)


Offbeat  (tags: Facebook, Lies, interesting, protection, safety, bizarre, technology, world, society, ethics, police, off-beat, unusual, culture, business, crime, humans, government, odd, news, pictures, performance, women, photos, design, americans )

Chris
- 648 days ago - pcmag.com
Facebook is the latest company to reveal that it was the victim of hackers, but the company said users' personal information was not compromised by the breach. -_-



Select names from your address book   |   Help
   

We hate spam. We do not sell or share the email addresses you provide.

Comments

Chris W. (91)
Sunday February 17, 2013, 4:57 am
The same company that can take down the entire internet, gets hacked. Now saying your personal information was not comprimised? This is totally a lie. Straight up. Lie. Nothing more then that, they trying not to cause a world - wide panic. But, it should be. So, If you don't take this seriously, you really NEED TO.

Facebook is the latest company to reveal that it was the victim of hackers, but the company said users' personal information was not compromised by the breach.

In a Friday blog post, the social network said its security team last month discovered that Facebook's systems were "targeted in a sophisticated attack."

"This attack occurred when a handful of employees visited a mobile developer website that was compromised," Facebook said.

The website in question was hosting an exploit that installed malware on the computer of anyone who visited it. Facebook said the infected laptops were running updated versions of anti-virus software, and "as soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."

Ultimately, Facebook has found no evidence that any Facebook user data was compromised by the malware.

The bug was uncovered when the Facebook Security team flagged a suspicious domain in its corporate DNS logs and tracked it back to an employee computer. An examination of the laptop revealed the malicious file, prompting a wider search - and the discovery of more malware.

The file in question used a zero-day exploit that bypassed the Java sandbox to install the malware. "We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability," Facebook said.

Facebook said other, unnamed companies were also hit by this attack. "We immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected," the firm said. "We plan to continue collaborating on this incident through an informal working group and other means."

Facebook did not name which other companies were hit, but earlier this month, Twitter said that it detected "unusual access patterns" on its network, which indicated that attackers might have accessed the user data of approximately 250,000 users.

The announcement comes the same week that members of Congress re-introduced the controversial CISPA information-sharing bill. The legislation would allow the government and private companies to share information about cyber attacks. Supporters claim it's the best way to stop attacks from countries like Iran and China, but detractors are concerned that the immunity provided to companies for sharing information will prompt them to hand over user data without a second thought.

When CISPA was first introduced last year, Facebook issued its support for the bill. "One challenge we and other companies have had is in our ability to share information with each other about cyber attacks. When one company detects an attack, sharing information about that attack promptly with other companies can help protect those other companies and their users from being victimized by the same attack," Joel Kaplan, vice president of U.S. public policy at Facebook, said at the time. "Similarly, if the government learns of an intrusion or other attack, the more it can share about that attack with private companies (and the faster it can share the information), the better the protection for users and our systems."

For more, see Obama's Cybersecurity Executive Order vs. CISPA: Which Approach Is Best?

Meanwhile, Facebook and Twitter are not the only ones to fall prey to hackers lately; other victims include Jawbone, a Montana TV station, the Gmail accounts of journalists covering Myanmar, the Bush family, the Federal Reserve, and the Department of Energy.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

http://www.pcmag.com/article2/0,2817,2415526,00.asp?kc=PCRSS03069TX1K0001121
 
Or, log in with your
Facebook account:
Please add your comment: (plain text only please. Allowable HTML: <a>)

Track Comments: Notify me with a personal message when other people comment on this story


Loading Noted By...Please Wait

 

 
Content and comments expressed here are the opinions of Care2 users and not necessarily that of Care2.com or its affiliates.