A Dodgy Browser Extension May Have Stolen Up To 81,000 Messenger Chats

Browser Extension

Facebook‘s Vice President of Product Management has made a statement warning users about a malicious browser extension, after reports that the private messages of up to 81,000 people may have been compromised and leaked.

The breach came to light after BBC News reported that hackers were offering to sell access to users’ information for around 14 cents per account. Affected accounts mainly appear to be in Russia and the Ukraine, but others in the UK, the US, Brazil and elsewhere have been caught up.

Hackers claimed to have gained access to 120 million accounts, but this figure has been disputed, based on the fact that much of the information they were offering for sale appears to have been scraped from public profiles. The 81,000 stolen Messenger chats, however, appear to be legitimate.

BBC News saw some of the private messages that were being offered for sale, and said that while most were fairly benign in nature, some were a lot more sensitive, including, as they put it, details of an “intimate conversation between two lovers.”

While the exact browser extension causing the problem remains unclear, Facebook’s Guy Rosen made a statement to the media saying that the platform has already taken action against the threat, and urging users to be vigilant.

He said that browser makers have been contacted and known malicious extensions are no longer available from their stores, and that Facebook has contacted law enforcement to remove a particular website that was displaying users’ private information.

“We encourage people to check the browser extensions they’ve installed and remove any that they don’t fully trust,” he continued. “As we continue to investigate, we will take action to secure people’s accounts as appropriate.”