Why you can trust us

Engadget has been testing and reviewing consumer tech since 2004. Our stories may include affiliate links; if you buy something through a link, we may earn a commission. Read more about how we evaluate products.

Facebook says recent data breach wasn't 'related to the midterms'

The company says it is actively investigating the attack with the FBI.

Even though the number of users affected by Facebook's most recent hack was lowered to 29 million, from 50 million, it's still safe to say the attack was worse than originally thought. That's because we now know that the breach, which Facebook revealed a couple of weeks ago, exposed very detailed information of 14 million of those users, including their username, birthdate, gender, location, relationship status, religion, hometown, self-reported current city, education, work, the devices they used to access Facebook and the last 10 places they checked into (or were tagged in) on the site. The attackers, whose identities Facebook won't reveal because of an ongoing FBI investigation, were also able to view which people/Pages were followed by these 14 million users, as well as their 15 most recent searches on Facebook.

With the midterm elections in the US just around the corner, this type of information could be extremely valuable to anyone looking to interfere come November. But, during a call with reporters on Friday, Facebook's VP of Product Management Guy Rosen, said that the company has "no reason to believe this specific attack was related to the midterms." He said protecting elections is a "big focus" for Facebook and that it has many teams "ensuring that we can protect the security of the upcoming elections, as well as all other elections around the world.

Rosen, again citing the ongoing FBI investigation, said he couldn't provide a detailed breakdown of the amount of affected users by country, only going as far as saying the "attack was fairly broad." Over the coming days, Facebook will begin alerting people whose information was exposed, which will let them know whether they were part of the 14 million or 15 million group. The latter is less severe, yet still serious, since hackers were only able to access their name and contact details, such as phone number, email or both, depending on what info they had on their profile.

"We take these incidents very, very seriously, and nothing is more important to us than the security of people's information." Rosen said, in response to a question about why people should continue to trust Facebook after incidents like this and the Cambridge Analytica scandal. "That's why we're coming forward consistently to explain what we have learned. We know adversaries will always be interested in services like ours, that's why it's very important for us to invest in this and to make sure that we can improve our detection capabilities and we can strengthen our defenses."