Facebook says it was hacked, claims member data safe

In January, employees at the social network unknowingly downloaded malware that compromised the security of the site.

Facebook

Facebook today admitted that its systems were hacked last month when staffers unknowingly installed malware to laptops. The social network called the attack sophisticated, but claimed that no user data was compromised.

"This attack occurred when a handful of employees visited a mobile developer website that was compromised," Facebook said in a statement posted today on its security blog. "The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops."

The social network identified the attack as a "zero day" Java exploit that allowed the website in question to bypass employees' security software and install the offending software. Oracle, which manages Java, was alerted to the vulnerability. The company issued a patch to fix the problem on February 1, Facebook said.

Despite only admitting to the hack after the fact, Facebook hopes to reassure users that their personal information was not passed on to attackers. "Foremost, we have found no evidence that Facebook user data was compromised," the company said.

Facebook said that it is in cooperation with law enforcement and has worked with other organizations that were victims of the same exploit.

About the author

Jennifer Van Grove covers the social beat for CNET. She loves Boo the dog, CrossFit, and eating vegan. Her jokes are often in poor taste, but her articles are not.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Nissan gives new Murano bold style (pictures)
Top great space moments in 2014 (pictures)
This is it: The Audiophiliac's top in-ear headphones of 2014 (pictures)
ZTE's wallet-friendly Grand X (pictures)
Lenovo reprises clever design for the Yoga Tablet 2 (Pictures)
Top-rated reviews of the week (pictures)