That suggests Facebook may know or suspect who's behind the breach. Facebook Inc said in late September that hackers stole digital login codes allowing them to take over almost 50 million user accounts in its worst security breach ever, but did not confirm if information had actually been stolen.
Affected users should be on the lookout for unwanted phone calls, text messages or emails from people they don't know and attempts to use their email address and phone number to target spam or attempts to phish for other information. While Facebook claimed that fewer users - 30 million and not 50 million as originally thought - had their access tokens stolen by exploiting 400,000 accounts.
Although the hackers could have used the flaw to steal information belonging to other, third-party apps that use Facebook as a login method, Facebook said Friday that no outside apps appear to have been affected. And if yes, Facebook says hackers will not be able to retrieve any more information (that what they have already had access to) from your compromised accounts.
The hackers had used access tokens to get into the accounts between September 14-27, which have since been invalidated, Facebook said. For 14 million of them, hackers got even more data, such as hometown, birthdate, the last 10 places they checked into or the 15 most recent searches.
Wondering whether you are one of the 29 million Facebook users who had their personal details - including location and search history - stolen by hackers?
The bugs that allowed the attack to occur gave hackers the ability to effectively take over Facebook accounts on a widespread basis, Facebook said when it disclosed the breach.
Kanye West has a bad iPhone passcode
Ardent Donald Trump supporter Kanye West visited the White House on Thursday for a sit-down chat with the president. Bush said in 2010 that he felt West's accusation was the " all-time low " point of his two-term presidency.
Shedding new light on the hack, Mr Rosen said the attackers used an "automated technique" to move from account to account stealing tokens of friends-of-friends, "totalling about 400,000 people".
That feature allows users to check privacy settings by glimpsing what their profile looks like to others. If you were, it will list the information of yours that was accessed.
New York Times reporter Mike Isaac summed up the feeling of many affected Facebook users when he tweeted a screenshot of his stolen personal information.
So, if Facebook says your "account has not been impacted", are you in the clear? With an access token, an attacker could take over your account and use it as if they were you. On September 25, we determined this was actually an attack and identified the vulnerability. Friday's update made clear that it did, although the 30 million people affected was less than the 50 million estimate previously given. The more data a hacker has about someone, the more believable they can make the email lure. All you have to do is visit this security notice page on Facebook.
The data hackers gleaned from the social network could be used for identity theft, and to access accounts ranging from those at banks and other financial institutions to online stores.
In addition, affected users will receive messages in the coming days with details on what information may have been accessed, as well as steps to take to protect themselves.