Mark Zuckerberg’s Facebook account was among those accessed by hackers

More trouble.
More trouble.
Image: Reuters/Christian Hartmann
We may earn a commission from links on this page.

The recent attack on 50 million Facebook accounts hit particularly close to home: Hackers accessed the accounts of Facebook’s top executives, Mark Zuckerberg and Sheryl Sandberg, according to the New York Times (paywall).

Not much is known about the severity of the data breach, including what, if any, private information hackers accessed from the compromised accounts. Facebook said it has removed the vulnerability but is still in the “early stages” of investigating what happened. Zuckerberg, the company’s co-founder and CEO, and Sandberg, its COO, didn’t mention that their own accounts were hacked in posts they wrote about the breach.

Most reaction to the Facebook breach has understandably focused on the privacy concerns of its users. (By the way, here’s some good advice to protect yourself.) But the attack on Facebook’s leadership raised the specter of even more trouble for the company, which is already under intense scrutiny for its handling of user data, among other issues. Not that people would sympathize, but if hackers accessed sensitive information about Facebook or its executives, it could be particularly damaging to the company.

Sony Pictures was famously hurt after North Korean hackers accessed its servers and leaked emails by its executives in 2014, leading the company’s chairwoman to resign. That led mostly to embarrassment. Other corporate hacks, like the breach at two US corporate law firms in 2015, have exposed private information about merger activity, leading to insider trading.

Facebook conducts most of its work on internal systems that were not affected by the breach. It’s not clear what kind of information could be gleaned from Zuckerberg’s and Sandberg’s accounts on Facebook or from services connected to them, which were also compromised. Facebook said it didn’t know who was behind the attack.

“We are still early in the investigation, and we are not able to tell, is there one attacker, multiple attackers,” said Guy Rosen, the company’s VP of product management. “We are working to learn more about who and what entities might’ve been behind those.”