Skip to main content
  1. Home
  2. Computing
  3. Social Media
  4. Web
  5. News

Hackers sold 120 million private Facebook messages, report says

By
Add as a preferred source on Google
Image used with permission by copyright holder

Up to 120 million private Facebook messages were being sold online by hackers this fall, according to a report from the BBC. The breach was first discovered in September and the messages were obtained through unnamed rogue browser extensions which monitored users by mining their information while browsing through the social media website.

Although Facebook is claiming that its systems were not breached as part of the hack, affected users were primarily based in Ukraine and Russia. Some users from the United States were also reportedly impacted after a hacker on an online forum attempted to sell the Facebook information at a rate of 10 cents per account.

Recommended Videos

“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores. …We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts,” Facebook executive Guy Rosen told the BBC.

Sample data from 81,000 Facebook profiles was also posted online by hackers in order to gain interest in possible sales. The group behind the hack originally told the BBC that data from 120 million Facebook accounts were up for purchase, but cybersecurity experts have been skeptical of that figure.

Still, BBC spoke to impacted users who revealed their information was indeed stolen and also listed on the forum. Data from those accounts included photos from a vacation, a chat about a Depeche Mode concert, and even an “intimate correspondence between two lovers.”

This is not the first time that Facebook has faced a hack. In September, the social media platform announced that up to 50 million accounts were compromised due to a flaw in access tokens and the “View As” feature.

As this latest hack involves the use of browser extensions, it is always best to check which source an extension is coming from, and which permissions it is being granted access to. That is a small step to take, but Google has been larger steps to ensure extensions are safer. In Chrome 70, consumers can restrict host access (website access) by clicking on an extension and selecting an option from the drop-down menu.

Arif Bacchus
Arif Bacchus
Former Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Topics
Razer’s new Blade 18 gets Arrow Lake refresh and a modest $3,999.99 starting price
For $3,999.99, you get the base model with Nvidia RTX 5070 Ti. A 5090 variant is available, too.
Razer Blade 18.

Razer has officially unveiled the 2026 Blade 18 today, and at the heart of all three configurations is an Intel Arrow Lake processor. 

I’m talking about the Core Ultra 9 290HX Plus, which features 24 cores, up to 5.5GHz clock speed (with boost), 36MB cache, and an onboard NPU that delivers up to 13 TOPS of compute power. 

Read more
Windows 11 will clean up its own driver mess so you don’t have to
Say goodbye to the nightmare of hunting down broken drivers after a bad Windows update.
Surface laptop on wooden table

It seems that Microsoft is keeping up its promise of making Windows 11 better. After introducing a new low-latency mode that speeds up app launches and an update that fixes the RAM memory leak issue, the tech giant is testing a new feature that addresses one of its most prominent problems. 

The new feature is called Cloud-Initiated Driver Recovery, and it can automatically roll back a broken driver that was pushed to your PC through Windows Update. 

Read more
After flubbing with Siri, Apple plans to host AI agents on the App Store
One problem is about money Apple won't commit to not charging. The other is about AI agents Apple can't figure out how to control. WWDC needs to solve both.
Electronics, Mobile Phone, Phone

Apple is currently facing a Siri problem that has nothing to do with Siri at all. With WWDC 2026 just weeks away, The Information reports the company is actively courting developers to integrate their apps with the new Siri coming in iOS 27. 

The mechanism powering the overhauled Siri, App Intents, is an API that lets Siri execute actions inside third-party apps without you actively opening them, which sounds quite useful, I’d say. However, some of the world’s largest developers are dragging their feet on it, not because it’s tough, but because Apple left the door open on charging for it later.

Read more