Social media giant Facebook has said that they were hacked via a Java zero-day exploit after employees visited an infected mobile developer website back in January. Facebook has said that it does not appear that any user data was compromised and that they are working on moving away from Java.
"They gained limited visibility into our systems," Fred Wolens, a spokesperson for Facebook told VentureBeat. "We've accelerated our program to disable Java in our environment."
A patch for the bug used to compromise the fully patched laptops was issued by Oracle on February 1 after Facebook alerted them to the bug that allowed the hackers to bypass the sandbox protections. This is the latest in a string of high-profile hackings and exploits found in Java.
Many people have called for Java to be uninstalled from systems due to the frequency in which major security holes are found. The Department of Homeland Security has reiterated this recommendation.
Facebook is working with law enforcement to identify the hackers and the details. Facebook was quick to post about the hack so that other companies can protect themselves. They say that they were "not alone in this attack," though it's not clear who else has been affected by the compromise.