MANILA, Philippines – It is likely that there may be more affected in the Facebook hack than current estimates provided by the company, according to Beau Woods, a cybersecurity fellow from the American think tank, Atlantic Council.

Woods told UK newspaper The Telegraph that “the 50 million may be the tip of the iceberg.” 

While a traffic spike on September 16 led to the discovery of the breach, Beau Woods explained that in the 14 months since the vulnerability was introduced, many more attackers could have found the vulnerability, and exploited it.

It just so happened that it was the September 16 attacks that were discovered. (READ: Facebook may get $1.63 billion fine in EU due to recent hack) 

The cybersecurity expert said that it’s likely that many different hacking groups or individuals have been breaking in over the past year, and that “it’s just the clumsiest one that alerts the palace guards.”

Knowledge of security loopholes – such as the one left behind by a company which holds in its vault the data of 2 billion users – has a way of spreading. It can either be sold, shared accidentally, or just discovered by different groups simultaneously. (READ: What to do after the massive Facebook hack) 

Facebook’s estimates total at around 90 million. Fifty million were confirmed to have been hacked but another 40 million users had their access tokens reset too by Facebook as precaution.

Facebook is currently working with the FBI to understand the full scope of the attack. – Rappler.com