Application security, Breach, Threat Management, Data Security, Network Security

Report: Spammers, not nation-state actors, suspected in Facebook breach

Facebook now suspects it was criminal scam artists and not nation-state actors who compromised tens of millions of accounts in a major data breach that was discovered last month, according to the Wall Street Journal.

Citing individuals familiar with the breach investigation, the WSJ reported yesterday that Facebook believes the culprits are known social media spammers who fraudulently present themselves as a digital marketing company. Moreover, the company believes the perpetrators stole roughly 30 million user access tokens in order to bolster their deceptive advertising operations.

Facebook first detected a spike in unusual activity on Sept. 14, and confirmed the breach on Sept. 25. Three days later, the company disclosed its findings to the public, and the investigation has been ongoing.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.
Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

You can skip this ad in 5 seconds