Facebook said that hackers accessed personal data from 29 million users in a hack revealed by the social media giant at the end of last month.
Facebook initially said as many as 50 million accounts were affected in cyber attacks. The attack exploits software weaknesses to steal "access tokens" which allow people to automatically re-enter the platform.
"We now know that fewer people are affected than we thought," said Facebook Product Management Vice President Guy Rosen told AFP on Friday.
He said hackers, whose identities are still a mystery, access names, telephone numbers and e-mail addresses from 15 million users. For another 14 million people, the attack is potentially more damaging.
Facebook said hackers accessed the data plus additional information including gender, religion, hometown, date of birth, and places recently visited. According to Rosen, there is no data accessed in the account of one million people whose "token access" is stolen.
The attack, according to Facebook, does not affect other Facebook products, such as Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party applications or advertisements or developer accounts