People's private Facebook messages are being sold on the internet for anyone to read.

Tens of thousands of people's secret chats are being traded without their knowledge, according to a BBC report.

In all, at least 81,000 people's messages are being swapped online, the report claimed. Many of them came from Ukraine and Russia, but many more besides were from users in the UK, the US, Brazil and elsewhere.

Compromised accounts that were caught up in the hack are being sold for just $0.10 each, according to the report.

The leak does not appear to have come from Facebook itself, despite a series of data scandals. Instead, it appears to have been the consequence of malicious browser extensions, which install themselves onto people's computers and are then able to watch their activity and break into their account.

The hackers claimed to have access to 120 million accounts, but they appear to have been exaggeration the scale of the attack. However, the hackers showed some evidence of having the messages of some 81,000 people, a number of which were checked with account holders and confirmed to be genuine.

Facebook said it had contacted browser companies to ensure that the malicious extensions were no longer used. But it advised its users to check the extensions they have installed and remove any that might be malicious.

“Based on our investigation so far, we believe this information was obtained through malicious browser extensions installed off of Facebook,” Guy Rosen, Facebook's vice president of product management, said in a statement emailed to a number of outlets.

“We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related,” Rosen said. “We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”

“We encourage people to check the browser extensions they’ve installed and remove any that they don’t fully trust. As we continue to investigate, we will take action to secure people’s accounts as appropriate.”

Comments

Share your thoughts and debate the big issues

Learn more
Please be respectful when making a comment and adhere to our Community Guidelines.
  • You may not agree with our views, or other users’, but please respond to them respectfully
  • Swearing, personal abuse, racism, sexism, homophobia and other discriminatory or inciteful language is not acceptable
  • Do not impersonate other users or reveal private information about third parties
  • We reserve the right to delete inappropriate posts and ban offending users without notification

You can find our Community Guidelines in full here.

  • Newest first
  • Oldest first
  • Most liked
  • Least liked
Loading comments...
Please be respectful when making a comment and adhere to our Community Guidelines.

Community Guidelines

  • You may not agree with our views, or other users’, but please respond to them respectfully
  • Swearing, personal abuse, racism, sexism, homophobia and other discriminatory or inciteful language is not acceptable
  • Do not impersonate other users or reveal private information about third parties
  • We reserve the right to delete inappropriate posts and ban offending users without notification

You can find our Community Guidelines in full here.

  • Newest first
  • Oldest first
  • Most liked
  • Least liked
Loading comments...