Allegedly, the perpetrators told the BBC Russian Service that they had information from 120 million accounts and it was up for sale. They offered to sell the data for 10 cents per account.
Facebook blames malicious browser extensions for this data breach. Users in UK, US, Brazil, Ukraine, Russia, and few other regions might have been affected.
The breach was first spotted in September when a user named ‘FBSaler’ put up a post saying “We sell personal information of Facebook users. Our database includes 120 million accounts”.
Third-party extensions like bookmarking applications, shopping assistants, and more offered by various browsers like Chrome, Opera and others are being blamed by Facebook for this data breach.
The BBC Russian Service, upon contacting five Russian accounts to confirm whether the messages published were theirs, found that it was. The breach therefore maybe legit and not a malicious deception.
BBC Russian Service also contacted the perpetrators to confirm whether the affected accounts were related to the Cambridge Analytica Scandal or the recent, massive breach of 50 million accounts, they mentioned this breach had no links to either of these.
Facebook has contacted browser-makers to annul all browser extensions for the time being, and also notified law enforcement and local authorities to remove all websites displaying sale of the breached data. However, it might make little difference as potential buyers may contact the sellers personally.
Many questions like speculations about the number of accounts affected, whether people who use Facebook through the app have been affected or is it just the people using the platform through the browser and what led to the conclusion of malicious extensions being the sole reason for the breach, remain unanswered.