Facebook has tentatively concluded that spammers looking to make money, and not a nation-state, were behind the largest-ever data theft at the social media company, the Wall Street Journal reported on Wednesday.
The people behind the attack were a group of Facebook and Instagram spammers that present themselves as a digital marketing company, and whose activities were previously known to Facebook’s security team, the Journal reported, citing people familiar with the company’s internal investigation.
Last week, Facebook said that cyber-attackers had stolen data from 29 million Facebook accounts using an automated program that moved from one friend to the next, adding that the data theft had hit fewer than the 50 million profiles it initially reported.
Facebook said in an email to Reuters that it was cooperating with the Federal Bureau of Investigation on this matter.
The breach has left users more vulnerable to targeted phishing attacks and could deepen unease about posting to a service whose privacy, moderation and security practices have been called into question by a number of scandals, cyber-security experts and financial analysts have said.
Facebook first disclosed the breach in late September and said it had fixed the issue soon after discovering it on September 25.
Facebook said it was conducting an internal investigation into the incident and last week cut the number of affected users from its original estimate after investigators reviewed activity on accounts that may have been affected.
It had also notified the FBI, Department of Homeland Security, Congressional aides and the Data Protection Commission in Ireland, where the company has European headquarters.