Facebook says the security breach it announced late last month impacted fewer people than initially expected, though hackers still collected personal data from 29 million users.
Facebook reported Friday that 30 million accounts were compromised in the September breach in which a software “vulnerability” gave hackers access to a digital “token” that enabled them to log in to millions of user accounts. Originally, Facebook had estimated 50 million accounts might have been compromised. They’ve revised that number to 30 million.
That’s the “good” news. The bad news is these hackers did indeed collect personal user data from 29 million of those 30 million accounts, Facebook says. That includes the name and contact info — phone numbers and emails — for all 29 million people. The hackers also collected a lot of other information on 14 million of those 29 million users, including but not limited to “gender, locale/language, relationship status, religion [and] hometown,” Facebook wrote.
Recode also directs users to a tool to check if their data was stolen.