The company said a recent security breach impacted 30 million users, which is about 20 million fewer than they first announced in late September. Among the 30 million affected users, 14 million had their names, contact information and sensitive information, such as their gender, relationship status and recent place check-ins, exposed to the attackers. Another 15 million users had their names and contact information breached, and 1 million users solely had their access tokens stolen. Facebook has reset the access tokens for all of those users.
Facebook also published a website (https://www.facebook.com/help/securitynotice?ref=sec) where users can go to check if their accounts where affected by the breach. Facebook fixed its vulnerabilities, stopped the attack and reset the access tokens for impacted users The company said the breach is under investigation by the FBI, which asked Facebook “not to discuss who may be behind this attack.” The company had also notified the U.S. Federal Trade Commission and the Irish Data Protection Commission. Facebook has been dealing with several issues concerning the health of its service throughout 2018. The company says third-party apps and Facebook apps like WhatsApp and Instagram were unaffected by the breach.