Facebook Admits Hacking

FB securityAfter weeks of reported breaches, Facebook has admitted that it was hacked. The same issue with Oracle's Java software that allowed hackers to access data from 250,000 Twitter users provided inroads to Facebook. Although Facebook apparently knew about the breach for at least a month, the company just came clean.

In a blog post titled "Protecting People On Facebook," Facebook assured users that personal information was not compromised and that its systems have been fully patched to prevent future break-ins. The first two paragraphs provide context and the admission:

"Facebook, like every significant internet service, is frequently targeted by those who want to disrupt or access our data and infrastructure. As such, we invest heavily in preventing, detecting, and responding to threats that target our infrastructure, and we never stop working to protect the people who use our service. The vast majority of the time, we are successful in preventing harm before it happens, and our security team works to quickly and effectively investigate and stop abuse.

 "Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day."

 Next, one sentence appears in bold type:

"We have found no evidence that Facebook user data was compromised."

The post echos Twitter's blog post from February 1.

Discussion Starters:

  • What arguments does Facebook use in its post to convince us not to worry about the breach? Which do you find most and least convincing?
  • How easy is it for non-technical people to understand Facebook's post? What, if any, jargon or business slang can you identify?
  • How does Facebook's blog post compare to Twitter's? What similarities and differences do you notice?