Facebook reveals it was hacked, but says no user data compromised

securityFacebook today detailed a malware attack that occurred last month, but which has been remediated and reportedly did not result in any user data being compromised.

Facebook says the attack originated when some employees visited a mobile developer website that had been compromised and led malware to be installed on the employees’ laptops. After the company’s security team identified the malicious file, it flagged other infected laptops and removed the malware. Facebook says it informed law enforcement and is continuing an investigation along with others who were attacked. The company did not name other companies who were infiltrated this way, but it says it was not alone.

Facebook says it has “found no evidence” that user data was compromised. According to Ars Technica, which spoke to Facebook Chief Security Officer Joe Sullivan, the attackers gained “some limited visibility” into Facebook’s production systems as well as some corporate data, email and software code from the laptops themselves, but this did not lead to any extraction of user information.

Facebook explained the attack as a ”zero-day” exploit, meaning it exploited a previously unknown vulnerability. The attackers used what is called a “watering hole” attack, compromising the server of a popular mobile developer forum and using it to spread the malware to site visitors who had Java enabled in their browser. Antivirus software was unable to detect the malware because it was new. However, Facebook says it reported the exploit to Oracle, which owns the Java SE platform, and the company provided a patch on Feb. 1.

Facebook says it will continue to work with law enforcement and the other organizations who were affected by the attack, and it reminded users to report any security vulnerabilities to its Bug Bounty Program.

Marketing with Facebook Insights

Mediabistro Course

Marketing with Facebook Insights

Starting October 2, use Facebook’s analytics tool track and optimize your marketing efforts! Taught by the group marketing manager of social media at Microsoft/BingAds, Geoffrey Colon will show you how to measure key performance indicators and make your data actionable. Register now!

 

Leave a Reply

Get the latest news in your inbox
interested in advertising with inside facebook?

Social Media Jobs
of the Day

Senior Web Developer

Kaufmann Mercantile
Brooklyn, NY

Director of Web and Online Services

University of California at Irvine
Irvine, CA

Web Producer / Designer

Purch
New York, NY

Marketing Graphic / Web Designer

Collectrium
New York, NY

Web Production Designer (Contrator)

Marvel Entertainment
New York, NY

Featured Company

Join leading companies like this one and recruit from the nation's top media job seekers on the Mediabistro Job Board. Every job post comes with our satisfaction guarantee. Learn More
 

Our Sponsors

Mediabistro A division of Prometheus Global Media home | site map | advertising/sponsorships | careers | contact us | help courses | browse jobs | freelancers | content | member benefits | reprints & permissions terms of use | privacy policy Copyright © 2014 Mediabistro Inc. call (212) 389-2000 or email us