Facebook announced on Friday that hackers accessed personal details of approximately 29 million users in a major security breach that was announced late last month.
The company had initially estimated that nearly 50 million users could have been affected in the cyberattack in September. While a fewer number of users were affected than initially feared, Facebook vice president for product management Guy Rosen revealed names, phone numbers and email addresses of up to 15 million users were targeted.
Facebook revealed that for another 14 million people, additional details—such as gender, home town, age and places that they visited (checked in)—were accessed.
Facebook revealed the September breach did not affect other platforms associated with it including Messenger, Instagram, WhatsApp and Oculus.
Facebook also explained that the September breach involved a vulnerability in its code related to the 'view as' feature, a privacy tool that allowed users to see how their profiles appeared to others. Facebook has disabled the 'view as' feature as a precautionary measure. Facebook also reset 50 million passwords.
Facebook announced that the breach started on September 14, but was only detected nearly two weeks later.
(With PTI inputs)
