Facebook has rebuffed claims 600,000 accounts on the social networking site are accessed every day by unauthorised parties.
Sophos senior technology consultant Graham Cluley extrapolated official figures from Facebook that said ".06 per cent of over one billion logins per day are compromised."
"Put another way, that's more than 600,000 per day - or, if you really like to make your mind melt, one every 140 milliseconds," Cluley said in a blog post.
While Facebook does block (approximately) 600,000 log-ins per day, it is not that these Facebook accounts are compromised on Facebook.
However, Facebook denied the claims, saying 600,000 login attempts were blocked every day. Whenever Facebook deems an attempt to login as dubious, it asks the user to go through further security processes. If the user fails to pass these, access is blocked.
"While Facebook does block (approximately) 600,000 logins per day, it is not that these Facebook accounts are compromised on Facebook, and certainly not that they're 'hacked' as some have written," a Facebook spokesperson said.
"There may be compromised accounts that appear on Facebook, but more often than not they are compromised off of Facebook - they use the same password for e-mail as Facebook, they get phished, etc. Compromised in this sense refers to logins where we are not absolutely confident that the account's true owner is accessing the account and we either preemptively or retroactively block access."
Security updates
The revelation came on the same day Facebook launched a host of additions designed to improve security on the site.
The Trusted Friends feature allows those locked out of their email and Facebook accounts to get back onto the social network. In such a scenario, selected contacts are sent a code that can be handed to the victim to let them back into their Facebook account.
App Passwords means users can add passwords to certain third-party applications.
HTTPS can now also be turned on permanently as Facebook looks to up its security game.
Earlier this year, the social networking giant opened up a bug bounty hunter scheme.
-
Intune flaw pushed Windows 11 upgrades on blocked devicesNews Microsoft is working on a solution after Intune upgraded devices contrary to policies
-
Asus ZenScreen Fold OLED MQ17QH reviewReviews A stunning foldable 17.3in OLED display – but it's too expensive to be anything more than a thrilling tech demo
-
96% of SMBs are missing critical cybersecurity skills – here's whyNews The skills shortage hits SMBs worse as they often suffer from a lack of budget and resources
-
Sophos Firewall Virtual review: Affordable network protection for those that like it virtualizedReviews Extreme network security that's cheaper than a hardware appliance and just as easy to deploy
-
MSPs are struggling with cyber security skills shortagesNews A shortage of tools and difficulties keeping pace with solutions were also ranked as key issues for MSPs
-
Nearly 70 software vendors sign up to CISA’s cyber resilience programNews Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US
-
Sophos and Tenable team up to launch new managed risk serviceNews The new fully managed service aims to help organizations manage and protect external attack surfaces
-
Ransomware groups are using media coverage to coerce victims into payingNews Threat actors are starting to see the benefits of a more sophisticated media strategy for extracting ransoms
-
Shrinking cyber attack “dwell times” highlight growing war of attrition with threat actorsNews While teams are becoming more proficient at detecting threats, attackers are augmenting their strategies
-
Latest Meta GDPR fine brings 12-month total to more than €1 billionNews Meta was issued with two hefty GDPR fines for “forcing” users to consent to data processing
