ALERT: 600K Unauthorized Facebook Log-Ins Daily

Happy Halloween: A Facebook account gets compromised once every 140 milliseconds.

With Halloween just days away, here’s something that ought to spook you: 600,000 accounts a day get compromised on Facebook.

Using information released by Facebook in its announcement of its forthcoming trusted friends and application passwords features, Sophos highlighted the following scary statistic: .06 percent of Facebook log-ins are compromised on a daily basis.

Doesn’t sound like a lot? The security firm further elaborated that the number works out to one compromised account every 140 milliseconds.

A Facebook spokesperson added some clarification about the 600,000 figure:

While Facebook does block about 600,000 logins per day, it is not that these Facebook accounts are compromised on Facebook, and certainly not that they’re “hacked,” as some have written. There may be compromised accounts that appear on Facebook, but more often than not, they are compromised off of Facebook — they use the same password for email as Facebook, they get phished, etc. Compromised in this sense refers to logins where we are not absolutely confident that the account’s true owner is accessing the account, and we either pre-emptively or retroactively block access. We are being preventative and helping make sure people secure their account even if they aren’t actually compromised on Facebook.

As for trusted friends, Sophos recommends that you really trust those friends, as one person alone couldn’t do anything with the code sent to them by Facebook, but if they worked together, the account could be compromised.

The security firm also pointed out that should an account be illegally accessed, the hacker would likely change the trusted friends, anyway.

Readers: Are you scared yet?