Cross-posted from Gizmodo:
Facebook just announced that it was hacked last month in a short statement on its website. Apparently, an unknown number employees visited a compromised developer site and were infected with malware. Facebook’s being very cagey about all this, but we’ve been able to scrounge up some details.
According to the statement, the company reacted swiftly with an investigation and remediation following the “sophisticated attack.” The company won’t say which law enforcement agencies it’s working with. It claims no user data was compromised.
What a surprise, Facebook waited until the end of the day on a Friday to tell us about an oopsies.
Here’s the full statement from the company.
Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day. We have no evidence that Facebook user data was compromised in this attack
We’ve reached out to the company for additional comment regarding the nature of the hack and other details. We’ll update when we hear back. [Facebook]
Facebook responded to our request for comment with the following. The company says it isn’t commenting further at this time.
We were able to investigate user data compromise [sic] by forensic analysis on the affected devices and infrastructure.