WASHINGTON: The Preliminary findings of Facebook's internal investigation team, in the 30 million Account data breach fiasco, underlines that the hackers were basically spammers with the motive of making illicit financial gains by manipulating user data.
Preliminary findings suggest that the hackers were not affiliated to any nation-state and any political motives have been ruled out thus far.
Facebook's security team has been investigating the incident since September 25, when it discovered that someone was downloading a large quantity of digital access tokens on the social network.
The modus operandi of the Facebook and Instagram spammers, who presented themselves as digital marketing companies, has been identified as they exploited the vulnerability in Facebook's "view as" feature, which lets people see how their profiles appear to them notes.
Three obscure bugs in Facebook's code allowed the outsiders to steal the data, making it a complicated attack to execute, Wall Street Journal reported.
While the digital access token stolen by the hackers allowed them to access any part of a users account including personal messages, the hackers are known to have accessed only a limited subset of data reducing the possibility of espionage by an ideological rival nation.
Instead of accessing personal messages, hackers accessed information which included contact details of users, their relationship data etc.
while in many cases only names and contacts were accessed.
On the question of exposing the identities of the hackers, Facebook declined to share any details citing FBI directions, which is also investigating the case.