Facebook Hack Made Private Messages For Sale, Possibly Including Yours

Facebook with pad lock
By TY Lim / Shutterstock

In the latest news that doesn’t sound a lot like news, Facebook has been hacked and your private messages have been exposed. Adding insult to injury, your private messages are being sold on the black market for 10¢ per account. The Verge offers the following details.

“The breach was first discovered in September after one of the hackers advertised the stolen data on a forum. The message details were obtained after users downloaded a malicious browser extension that then scraped the information from their accounts. The hackers then sold access to the information for 10 cents per account. The group told BBC that their ‘database includes 120 million accounts,’ but that number could not be confirmed by outside cybersecurity experts.”

At this time, there is no way to tell if your account was one of those that were stolen. Most of the stolen accounts were from Ukraine and Russia. But some are known to be from the US, UK, and other parts of the world.

Over the years, Facebook has shown themselves to be unreliable stewards of your private information. A few months ago, Facebook lost sensitive details to hackers from 30 million accounts. Cambridge Analytica was able to gather all kinds of sensitive information and it didn’t even require a hack. For those looking to access your private data, Facebook is the gift that keeps on giving. And there is no sign of it stopping.

Facebook message notification
  By Gelner Tivadar / Shutterstock

Like so many exploits, this one starts with user behavior. The victims of the hack had to download something. We don’t know if this was limited to a single browser. But one of the most cherished features of Chrome is the ease of obtaining a plethora of browser extensions. That feature also makes it a major target.

Downloading and installing free software of any kind from vendors you do not know and have not vetted is extremely hazardous to your digital health. This point cannot be overemphasized. Being a Facebook user and engaging in risky browsing behavior is almost a guarantee you will end up with some type of virus or hack before the day is over.

For many, leaving Facebook altogether is not an option, It is the only way to keep up with family and friends scattered all over the world. The utility of Facebook is undeniable. Fortunately, there are ways to make your account a little safer.

For starters, don’t give Facebook your phone number, address, or any personal information you don’t have to. Second, don’t include any information you might find awkward if leaked such as sexual orientation or relationship status.

Finally, use something other than a Facebook property to conduct private communications such as an encrypted chat client. Even then, you should say nothing that could come back to haunt you. Assume that regardless of the settings, everything on your account will eventually be public.

Remember that the data harvested by hackers is data you put on the service at some point. Make your account hack-proof by rendering it free of sensitive data. Also, never reuse your Facebook password. That is one of the key ways hackers use to guess more important passwords like the one to your bank account.