It appears that hackers were able to compromise and publish private messages retrieved from at least 81,000 Facebook users' accounts.
In a report made to the BBC Russian Service, it turns out that they had details from a total of 120 million accounts. These hackers were actually trying to sell the information.
On the other end, Facebook denied allegations that its security had been compromised. Adding that the data had probably been obtained through malicious browser extensions.
The social media giant reported that it has taken the necessary steps to prevent this from happening in the future. According to BBC, most of the users whose details have been compromised are based in Ukraine and Russia. But there are some who are in the UK, US, Brazil and elsewhere.
The offer made by the hackers was going for 10 cents (8p) per account. However, their advert has since been taken offline.
"We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores," said Facebook executive Guy Rosen."We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."
This surfaced for the first time in September, following a post from a user nicknamed FBSaler appeared on an English-language internet forum."We sell personal information of Facebook users. Our database includes 120 million accounts," the user wrote.
The claim was examined by a cyber-security company, Digital Shadows, on behalf of the BBC and confirmed that more than 81,000 of the profiles posted online as a sample contained private messages. Data derived from 176,000 accounts were also made available, although some of the information - including email addresses and phone numbers - could have been scraped from members who had not hidden it.
Five Russian Facebook users were contacted by BBC Russian Service since their private messages had been uploaded, BBC was able to confirm the posts belonged to them.
It has also been established that one of the websites where the data had been published appeared to have been set up in St Petersburg. The IP address has also been flagged by the Cybercrime Tracker service. The same address was used to spread the LokiBot Trojan that allows attackers to gain access to user passwords.
In this case, who do we blame? We know that various browsers offer bookmarking applications, personal shopping assistants, and even mini-puzzle game.
We have these little icons that sit alongside your URL address bar patiently waiting for you to click on them. Based on information provided by Facebook, it was one such extension that quietly monitored victims' activity on the platform and sent personal details and private conversations back to the hackers.
However, Facebook is yet to name the extensions that it believes were involved but says the leak was not its fault. This claim has been validated by independent cyber-experts. The experts said that if rogue extensions were indeed the cause, the browsers' developers might share some responsibility for failing to vet the programs.
The hack will still remain to be bad news for Facebook, the social network has had a terrible year for data security and questions will be asked about whether it is proactive enough in responding to situations like this.
One of the addresses provided alongside the hacked details was contacted by BBC Russian Service posing as a buyer. The advertiser was asked if the breached accounts were the same as those involved in either the Cambridge Analytica scandal.
In response, they said that the information had nothing to do with either data leak. Adding that the hacking group could offer data from 120 million users, of whom 2.7 million were Russians. However, this is very doubtful because it was unlikely Facebook would have missed such a large breach.
