WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors

A report by the Wall Street Journal points finger at group that is known to Facebook Security.

The recent Facebook breach that hit 30 million accounts was caused by spammers — not by a nation-state attack group — according to a report by the Wall Street Journal. 

The attackers did not go after message contents or history. Instead, according to the Wall Street Journal, "…they accessed contact details—including phone numbers and email addresses—gender, relationship status, and search and check-in data belonging to 14 million users. For another 15 million users, only names and contacts were accessed…"

Why go after this sort of information and not dig deeper for more sensitive personal data? While Facebook has not publicly identified the hackers, citing on-going investigations involving the FBI, people familiar with the investigation are quoted by the Wall Street Journal as saying they are, "…a group of Facebook and Instagram spammers that present themselves as a digital marketing company, and whose activities were previously known to Facebook’s security team."

The reason the spammers want the information, according to Wired, has to do with the quality of phishing message that can be built with the granular data discovered in this breach. Whether the scammer is attempting to blackmail the user or just write a compelling spearphishing message, more data equals better results.

Responding to the latest news, Lawrence Pingree, executive vice president, product management, at SonicWall said, "The sheer amount of user data and personal information that the Facebook spammers gained access to is staggering. Though organizations may feel heightened tension around threats from nation states, this is a stark reminder that equally nefarious and damaging action can be done by the more common spammer."

Related content:


Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

About the Author(s)

Curtis Franklin, Principal Analyst, Omdia

Curtis Franklin Jr. is Principal Analyst at Omdia, focusing on enterprise security management. Previously, he was senior editor of Dark Reading, editor of Light Reading's Security Now, and executive editor, technology, at InformationWeek, where he was also executive producer of InformationWeek's online radio and podcast episodes

Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has been on staff and contributed to technology-industry publications including BYTE, ComputerWorld, CEO, Enterprise Efficiency, ChannelWeb, Network Computing, InfoWorld, PCWorld, Dark Reading, and on subjects ranging from mobile enterprise computing to enterprise security and wireless networking.

Curtis is the author of thousands of articles, the co-author of five books, and has been a frequent speaker at computer and networking industry conferences across North America and Europe. His most recent books, Cloud Computing: Technologies and Strategies of the Ubiquitous Data Center, and Securing the Cloud: Security Strategies for the Ubiquitous Data Center, with co-author Brian Chee, are published by Taylor and Francis.

When he's not writing, Curtis is a painter, photographer, cook, and multi-instrumentalist musician. He is active in running, amateur radio (KG4GWA), the MakerFX maker space in Orlando, FL, and is a certified Florida Master Naturalist.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights