Facebook: fewer users impacted by Cyberattack, but personal details accessed

Facebook on Friday said that a security breach it disclosed last week compromised data on approximately 30 million users, not the 50 million the social media giant initially reported.

Of those 30 million, hackers gained access to the names and contact details of 15 million users. Another 14 million users not only had their names and contact details compromised, but they also had additional personal information compromised.

For 1 million Facebook users, the hackers did not access any information.

Last Friday, when the company initially unveiled the attack, it said it could have affected about 50 million accounts.

Facebook indicated that hackers stole access tokens through its “view as" feature. The hackers could use these tokens to take over people’s accounts.

When the company initially reported the attack it said that it had fixed the vulnerability in its code that allowed hackers access. The company, which has informed law enforcement officials of the breach, is temporarily turning off its “view as” feature while it conducts a security review.

Last Friday Facebook said that it had temporarily reset access tokens of almost 50 million accounts and as a precaution, was resetting access tokens for another 40 million accounts.

The social media giant said it will continue investing heavily in security.

In its latest update, the company said that it will continue to cooperate with the FBI, the U.S. Federal Trade Commission, the Irish Data Protection Commission and other authorities on cybersecurity matters.