The security flaw reported by the social network in September affected fewer accounts than originally forecast. The technology also helps you to see if your account has been compromised and what it can do.
Facebook revealed that the authors of its latest security flaw used the 400,000-person friend lists to steal access data from nearly 30 million accounts instead of the 50 million advanced at the time.
In a statement, the social network explained that the name, email and telephone contact information of 15 million users have been accessed and that the hackers have been able to gain access to additional information from 14 million accounts, including religion, the last 10 sites visited and the last 15 searches made on Facebook.
The technology also clarified that although the hackers still had access to the data of one million users, they did not have any data compromised.
Attackers were able to access this data through the "see how" tool that allows users to view the profile as other users. This feature has allowed hackers to connect to accounts through incoming tokens (when the password is stored in a profile to be opened automatically).
According to the social network, it is not necessary to change the password with the security measures that have already been taken. "No one needs to log out and no one needs to change passwords," said Guy Rosen.
Facebook has confirmed the information it had previously given before third-party sites with this data were unavailable and that this attack did not include other applications that use network services or that belong to the same network, such as Messenger, Instagram and Whatsapp, among others .
To find out if you were affected by the security breach, you can access the Facebook Help Center where you can see the phrase "Is my Facebook account impacted by this security issue?"
If you are among the "victims" the "Yes" information appears, as well as what data has been accessed, but if your data has not been compromised, it will indicate that although the "investigation is still ongoing", the attackers did not access to your information.
The social network said in the coming days that it will send detailed information to the 30 million people affected to explain what information the attackers have accessed, as well as the measures that can be taken for greater protection.