Hackers are reportedly offering to sell private messages from at least 81,000 Facebook accounts.
Many of the compromised accounts belong to Facebook users in Ukraine and Russia, but some are from the US, the UK, Brazil and other countries, the BBC reported Friday.
The hackers claim to have details from 120 million accounts. They are offering to sell them at 10 cents per account.
The BBC noted that it's unlikely Facebook would've missed such a huge breach. However, the BBC did confirm that more than 81,000 accounts published as a sample contained private messages and that five Russian users affirmed that their messages were among them. One of the sites where the data was published seems to have been set up in St. Petersburg, the BBC said.
Watch this: Facebook explains breach that exposed data on 50 million users
After investigating the claims, Facebook said it suspects the account information was gathered by "malicious browser extensions," which can range from online shopping assistants to ad blockers. They're generally available through browser makers' stores and have access to information about people's web activity across online services they use.
"We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related," Guy Rosen, Facebook's vice president of product management, said in an emailed statement.
"We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts."
Rosen also suggested people check any browsers extensions they've installed and "remove any that they don't fully trust."
The nine types of Facebook ads that Russian trolls paid for