Facebook: 50 Million User Accounts Affected By Security Breach
By RJ Johnson - @rickerthewriter
September 28, 2018
Facebook says their security team has detected a security breach that has affected up to 50 million user accounts.
According to the online social media giant, hackers used a flaw in the "View As" feature available to users on the front page of their profile to gain access to people's information. In a statement, Facebook wrote that they have taken steps to fix the security problem and alerted law enforcement to the breach.
"Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted 'View As', a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don't need to re-enter their password every time they use the app," Facebook's statement said in part.
The company writes that they've taken steps by resetting the access tokens for another 40 million accounts that have been subjected to the "View As" look-up over the last year. According to Facebook, up to 90 million people will now have to re-log into their accounts, or any of their apps that use Facebook's login service. The social media giant also wrote that they are turning off the "View As" feature while they conduct a review of their security.
The company says they have not yet determined whether the accounts breached were misused in any way, or if any information was accessed. They also say they are still investigating who may have been behind the breach.
The breach comes as the company faces increased scrutiny over their use of people's private information and deals with increasing fallout over their role in disseminating fake news from a Russian disinformation campaign during the 2016 election.
Photo: Getty Images