Facebook has just announced additional details on last month's data breach. The company now says that only 30 million accounts had their access tokens stolen instead of the 50 million they had originally believed, and of those 30 million, 15 million users just had their emails and phone numbers taken.
Worse, however, is that for 14 million unlucky users, the hackers were able to access both email info and phone numbers plus their "username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches" as well.
In an updated post on Facebook's newsroom, the company says it's working with the FBI, who is actively investigating the situation, and therefore can't reveal who they believe were behind the attack. People can check whether they were affected by visiting Facebook Help Center. In the coming days, they will send customized messages to the 30 million people affected to explain what information the attackers might have accessed, as well as steps they can take to help protect themselves, including from suspicious emails, text messages, or calls.