No user data was leaked, Facebook says, but several employee laptops were infected with malware designed to allow access to the attackers.
The good news is that no user data was leaked or in any danger, at least as far as Facebook claims. The attack was also detected early on and Facebook was fast to kill it.
But, of course, it's not the attacks you catch that are dangerous; it's the ones you don't know about.
That's not to say someone is gobbling up Facebook data right now, but the possibility can't be dismissed outright.
We trust, to varying degrees, plenty of sites and services to hold onto our data and keep it safely hidden if we want to.
Plenty of people criticize Google or Facebook's privacy policies, but few actually believe these companies have nefarious purposes or that they would betray our explicit trust.
But that's all out the window if these companies can't protect the data we entrust them with. Granted, anyone capable of hacking Facebook, or Twitter, or Google is not going to be looking for your naughty photos.
But compromising information about politicians, officials, CEOs of big companies, could be used against them.
Attackers are getting more and more sophisticated, powerful and well equipped. The companies or government organizations they're targeting are getting better at staying secure as well, but the bad actors will always have a leg up and the good ones will always be playing catch-up.
At the same time, more and more sites offer better security options, such as two-factor authentication, always-on encryption and so on. Plenty of people make use of them. But even if you take the best security measures, they mean nothing if hackers can get to the data directly.
In the end, as the piece of Internet wisdom goes, if you don't want something leaking out, don't put it on the Internet. And if you do, know that there is a chance, however remote, that it's not going to stay as private as you wish.