Late Friday Facebook released more information on the cyberattack that led it to log some ninety-million users out at the end of September. In brief, it seems that fewer users were affected than feared, but that the information exposed was more sensitive than hoped. Roughly thirty-million people were affected. One-million lost nothing. Fifteen-million lost name and contact details. Fourteen-million lost name, contact information, and other data they had in their profiles (username, gender, locale or language, relationship status, religion, hometown, date-of-birth, education, work, search history, etc.). Facebook's Help Center can tell users if they were among those affected.
Bloomberg's story of Chinese attacks on the IT supply chain remains controversial, but at this point reactions are trending toward skepticism. Bloomberg has been standing by its story, but one of those they interviewed in their follow-up piece, Sepio's Yossi Appleboum, told ServetheHome that he's disappointed his words were used to reinforce Bloomberg's claims that Supermicro was compromised: "I think they are innocent." He says instead it's a general problem and not even necessarily even a manufacturing one—attacks can occur anywhere in the supply chain.
The September 13th lethal explosion involving the Columbia Gas Low-pressure Natural Gas Distribution System in Massachusetts was greeted with speculation that the tragedy was caused by a cyberattack. But a preliminary report by the US National Transportation Safety Board concludes that it was indeed an accident.
Estonia joined the Netherlands' and UK's push to clarify EU sanctions for cyberattacks. Italy pushed back, preferring to relax tensions.