Facebook is the biggest social network in the world at the moment, and with millions of accounts on its platform, it does seem like a hacker’s dream come true to be able to mine all of these accounts for all kinds of personal information that could be used for other malicious purposes. Unfortunately for some, that’s exactly what happened.
In an announcement, Facebook revealed that on the 25th of September its systems were compromised by hackers who exploited a security flaw, which left about 50 million accounts compromised. According to Facebook, the flaw was in the “View As” feature that lets users see what their profile might look like to another user.
Facebook says that the flaw “allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”
Users who have been affected will find themselves logged out of their Facebook accounts and of any services they might have logged in to using Facebook. Upon logging back in, they will be greeted by the notification in the screenshot above that lets them know what happened.
Facebook concludes, “To protect people’s accounts, we’ve fixed the vulnerability. We have also reset the access tokens of the almost 50 million accounts we know were affected and we’ve also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a View As look-up in the last year. Finally, we’ve temporarily turned off the View As feature while we conduct a thorough security review.”
By Tyler Lee on 09/28/2018 20:13 PDT