The hackers told the BBC Russian Service that they had details from a total of 120 million accounts, which they were attempting to sell.
Unlike the September hack though, this time Facebook isn't really to be blamed.
It is believed that numerous user details came from Russian Federation and Ukraine-based Facebook users although some messages also originated from people in the United States, the UK and Brazil, the BBC notes.
After investigating the claims, Facebook said it suspects the account information was gathered by "malicious browser extensions", which can range from online shopping assistants to ad blockers. Rosen said the social network had notified law enforcement, had the website hosting the Facebook account data had been taken down.
Rosen also suggested people check any browsers extensions they've installed and "remove any that they don't fully trust".
The still-unidentified hackers were asking for $0.10 per account, according to the report.
Kasper Schmeichel's Daring Act After Leicester Helicopter Crash Deserves Accolades
The business world remembers Vichai as the retail entrepreneur who grew Thailand's massive King Power duty-free chain. They will reportedly be in Thailand for 36 hours to pay tribute at the temple where Mr Vichai's body is being kept.
Security firm Digital Shadows helped BBC analyse the data and came to the determination that the attackers used a browser exploit. Behind the scenes, though, the extension would connect to Facebook and steal information from a victim's logged in account.
Personal shopping assistants, bookmarking applications and even mini-puzzle games are all on offer from various browsers such as Chrome, Opera and Firefox as third-party extensions.
Without naming the extensions, Facebook explains that these malicious extensions quietly monitored users' activity, and sent data back to the hackers, without the users' knowledge. "Our database includes 120 million accounts".
Thousands of private Facebook messages were recently compromised.
The BBC reached out to five Russian Facebook users whose private messages had been stolen; each confirmed it belonged to them, with conversation topics ranging from a recent holiday, concerts, and complaints about a son-in-law.
Numerous messages are relatively benign and include simple chats about going on vacation and attending concerts.