Last month, Facebook announced that hackers may have accessed as many as 50 million user profiles without their permission by taking advantage of a vulnerability in Facebook’s code. Today, the company has issued an update on the security incident revealing that around 30 million accounts were affected by the breach.
While a lower number of compromised accounts than initially suspected may sound like good news, the bad news is that these hackers did indeed collect personal user data from 29 million of those 30 million accounts, including names, contact info, phone numbers, and emails, according to Facebook.
The hackers also collected a lot of other information on 14 million of those 29 million users, including but not limited to “gender, locale/language, relationship status, religion [and] hometown,” notes Facebook.
“In the coming days, we’ll send customized messages to the 30 million people affected to explain what information the attackers might have accessed, as well as steps they can take to help protect themselves, including from suspicious emails, text messages, or calls.
This attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.”
Users can check whether they were affected by visiting Facebook’s Help Center.