Facebook has rebuffed claims 600,000 accounts on the social networking site are accessed every day by unauthorised parties.
Sophos senior technology consultant Graham Cluley extrapolated official figures from Facebook that said ".06 per cent of over one billion logins per day are compromised."
"Put another way, that's more than 600,000 per day - or, if you really like to make your mind melt, one every 140 milliseconds," Cluley said in a blog post.
While Facebook does block (approximately) 600,000 log-ins per day, it is not that these Facebook accounts are compromised on Facebook.
However, Facebook denied the claims, saying 600,000 login attempts were blocked every day. Whenever Facebook deems an attempt to login as dubious, it asks the user to go through further security processes. If the user fails to pass these, access is blocked.
"While Facebook does block (approximately) 600,000 logins per day, it is not that these Facebook accounts are compromised on Facebook, and certainly not that they're 'hacked' as some have written," a Facebook spokesperson said.
"There may be compromised accounts that appear on Facebook, but more often than not they are compromised off of Facebook - they use the same password for e-mail as Facebook, they get phished, etc. Compromised in this sense refers to logins where we are not absolutely confident that the account's true owner is accessing the account and we either preemptively or retroactively block access."
Security updates
The revelation came on the same day Facebook launched a host of additions designed to improve security on the site.
The Trusted Friends feature allows those locked out of their email and Facebook accounts to get back onto the social network. In such a scenario, selected contacts are sent a code that can be handed to the victim to let them back into their Facebook account.
App Passwords means users can add passwords to certain third-party applications.
HTTPS can now also be turned on permanently as Facebook looks to up its security game.
Earlier this year, the social networking giant opened up a bug bounty hunter scheme.
