What's going on: Hackers told BBC News they have access to 120 million accounts, which they are attempting to sell to interested parties. "Our database includes 120 million accounts", one advert said. The private Facebook messages of at least 81,000 people have reportedly been stolen, probably due to an exploit in a browser extension, and compromised accounts are now apparently up for sale for just $0.10 (£0.08) apiece.
"We sell personal information of Facebook users". Cybersecurity firm Digital Shadows investigated the claim, and found that more than 81,000 accounts put online as a sample contained private messages.
"We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores", Facebook executive Guy Rosen told the site.
As per the report, most users whose accounts were compromised are based in Ukraine and Russian Federation, though some are from the UK, US, Brazil and elsewhere as well. We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.
The BBC says it contacted 5 users (from Moscow, Belgorod and Perm) affected by the breach, who all confirmed that the texts available online were indeed their private Facebook messages.
GM offers buyouts to 18K workers after posting strong profit
The employees have until the end of November to accept, and if so, must agree to leave GM by the end of the year. GM was hit once again by costs associated with its giant recall for faulty ignition switches.
"Browsers like Chrome can be very secure, but browser extensions can introduce serious gaps in their armour". But as you'd expect, there are also more sensitive discussions, including "intimate correspondence between two lovers", as the BBC describes it.
Without naming the extensions, Facebook explains that these malicious extensions quietly monitored users' activity, and sent data back to the hackers, without the users' knowledge.
Facebook is having a bad year for data privacy.
Facebook is under the microscope ever since the Cambridge Analytica scandal came to light and the social networking platform is trying to deal with every situation carefully.
When asked about a possible connection to the Russian state or Kremlin-run programs like the Internet Research Agency, a representative for the hacking group only identified as John Smith said there was no connection.