The hackers that managed to obtain access to 30 million Facebook accounts were not acting under the orders of a foreign state, a report in the Wall Street Journal has claimed. Citing people familiar with the company’s internal investigation, the report says that the hackers were instead affiliated with a supposed “digital marketing company” and sought to make money via deceptive advertising. Facebook has so far declined to publicly comment on the identity of the hackers, citing its ongoing cooperation with the FBI as the reason for its silence.
The hack, which was disclosed by Facebook in late September, is thought to have resulted in the theft of 30 million access tokens for the service. These digital keys would theoretically allow a hacker to gain complete access to their associated profiles. In reality, Facebook estimates that the hackers accessed basic contact information like names and contact details for 14 million accounts and additional information (such as birth dates, recent search histories, and relationship statuses) for a further 15 million. No information is thought to have been gathered from the final one million.
The news will be of little reassurance to users of Facebook caught between the Cambridge Analytica scandal and Russian-state actors who exploited the platform to influence the 2016 US election. This particular hack might not have been expressly political but there’s a long list of platform abuses that were.