Facebook says target of sophisticated hacking attack

But says no user data was compromised

Facebook Inc said on Friday that it been the target of a series of attacks by an unidentified hacker group, but it had found no evidence that user data was compromised.

"Last month, Facebook security discovered that our systems had been targeted in a sophisticated attack," the company said in a blog post posted on Friday afternoon, just before the three-day Presidents Day weekend. "The attack occurred when a handful of employees visited a mobile developer website that was compromised."

The social network, which says it has more than one billion active users worldwide, also said, "Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well."

Facebook's announcement follows recent cyber attacks on other prominent websites. Twitter, the microblogging social network, said earlier this month that it had been hacked, and that approximately 2,50,000 user accounts were potentially compromised, with attackers gaining access to information including user names and email addresses.

Newspaper websites, including those of The New York Times, The Washington Post and The Wall Street Journal, have said they have also been infiltrated. Those attacks were attributed by the news organisations to Chinese hackers targeting their coverage of China.

While Facebook said that no user data was compromised, the incident could raise consumer concerns about privacy and the vulnerability of personal information stored within the social network.

Facebook has experienced several privacy missteps over the years for the way it handles user data, and settled a privacy investigation with federal regulators in 2011.

Facebook said it spotted a suspicious file and traced it back to an employee's laptop. After conducting a forensic examination of the laptop, Facebook said it identified a malicious file, then searched company-wide and identified "several other compromised employee laptops."

The company also said it identified a previously unseen exploit to bypass its built-in cyberdefenses, and that new protections were added on February 1.