Flash Flood Watch
until MON 12:00 AM MST, Grand Canyon Country, Coconino Plateau, Yavapai County Mountains, Little Colorado River Valley in Coconino County, Little Colorado River Valley in Navajo County, Little Colorado River Valley in Apache County, Western Mogollon Rim, Eastern Mogollon Rim, White Mountains, Northern Gila County, Yavapai County Valleys and Basins, Oak Creek and Sycamore Canyons, Western Pima County including Ajo/Organ Pipe Cactus National Monument, Tohono O'odham Nation including Sells, Upper Santa Cruz River and Altar Valleys including Nogales, Tucson Metro Area including Tucson/Green Valley/Marana/Vail, South Central Pinal County including Eloy/Picacho Peak State Park, Southeast Pinal County including Kearny/Mammoth/Oracle, Upper San Pedro River Valley including Sierra Vista/Benson, Eastern Cochise County below 5000 ft including Douglas/Wilcox, Upper Gila River and Aravaipa Valleys including Clifton/Safford, White Mountains of Graham and Greenlee Counties including Hannagan Meadow, Galiuro and Pinaleno Mountains including Mount Graham, Chiricahua Mountains including Chiricahua National Monument, Dragoon/Mule/Huachuca and Santa Rita Mountains including Bisbee/Canelo Hills/Madera Canyon, Santa Catalina and Rincon Mountains including Mount Lemmon/Summerhaven, Baboquivari Mountains including Kitt Peak, Aguila Valley, Northwest Valley, Tonopah Desert, Gila Bend, Buckeye/Avondale, Cave Creek/New River, Deer Valley, Central Phoenix, North Phoenix/Glendale, New River Mesa, Scottsdale/Paradise Valley, Rio Verde/Salt River, East Valley, Fountain Hills/East Mesa, South Mountain/Ahwatukee, Southeast Valley/Queen Creek, Superior, Northwest Pinal County, West Pinal County, Apache Junction/Gold Canyon, Tonto Basin, Mazatzal Mountains, Pinal/Superstition Mountains, Sonoran Desert Natl Monument, San Carlos, Dripping Springs, Globe/Miami, Southeast Gila County

Facebook: Hackers accessed personal data from 29M accounts

NEW YORK (AP) -- Facebook says hackers accessed a wide swath of information -- ranging from emails and phone numbers to more personal details like sites visited and places checked into -- from millions of accounts as part of a security breach the company disclosed two weeks ago.

Twenty-nine million accounts had some form of information stolen. Originally Facebook said 50 million accounts were affected, but that it didn't know if they had been misused.

The news comes at a jittery time ahead of the midterm elections when Facebook is fighting off misuse of its site on a number of fronts . The company said Friday there's no evidence this is related to the midterms.

On Friday Facebook said hackers accessed names, email addresses or phone numbers from these accounts. For 14 million of them, hackers got even more data, such as hometown, birthdate, the last 10 places they checked into or the 15 most recent searches.

An additional 1 million accounts were affected, but hackers didn't get any information from them.

Facebook isn't giving a breakdown of where these users are, but says the breach was "fairly broad." It plans to send messages to people whose accounts were hacked.

Facebook said third-party apps that use a Facebook login and Facebook apps like WhatsApp and Instagram were unaffected by the breach.

Facebook said the FBI is investigating, but asked the company not to discuss who may be behind the attack. The company said it hasn't ruled out the possibility of smaller-scale attacks that used the same vulnerability.

Facebook has said the attackers gained the ability to "seize control" of those user accounts by stealing digital keys the company uses to keep users logged in. They could do so by exploiting three distinct bugs in Facebook's code.

The hackers began with a set of accounts they controlled, then used an automated process to access the digital keys for accounts that were "friends" with the accounts they had already compromised. That expanded to "friends of friends," extending their access to about 400,000 accounts, and then went on from there to access 30 million accounts. There is no evidence that the hackers made any posts or took any other activity using the hacked accounts.

The company said it has fixed the bugs and logged out affected users to reset those digital keys.

At the time, CEO Mark Zuckerberg -- whose own account was compromised -- said attackers would have had the ability to view private messages or post on someone's account, but there's no sign that they did.

Facebook Vice President Guy Rosen said in a call with reporters on Friday the company hasn't ruled out the possibility of smaller-scale efforts to exploit the same vulnerability that the hackers used before it was disabled.

The company has a website its 2 billion global users can use to check if their accounts have been accessed, and if so, exactly what information was stolen. It will also provide guidance on how to spot and deal with suspicious emails or texts. Facebook will also send messages directly to those people affected by the hack.

To see if your profile was part of the hack, visit https://www.facebook.com/help/securitynotice.