This week, Facebook revealed the full extent of the recent hack that constituted the biggest security breach in the company’s history. While it was originally reported that 50 million users had been affected, Facebook revised the total to 30 million — which is obviously still a staggering amount of people.
The attackers were able to exploit a flaw in Facebook’s security that allowed them to steal users’ access tokens, and thus their information. According to the company, about 15 million users had their name and contact information taken — including phone numbers and email addresses. Another 14 million users had much, much more revealed.
According to Facebook, the information stolen from those 14 million people was extensive, and included: “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birth date, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.”
Facebook is also investigating the possibility of a series of small-scale attacks that could’ve occurred alongside the central hack. What’s worse, the company didn’t even notice the hack was occurring for a full 11 days.
The company has promised to send a message to the 30 million affected users, but in the meantime, you can check the Facebook Help Center to find out if your account was hacked.