Facebook security breach affects 50 million users

Facebook says attackers have exploited vulnerability in its code to steal “access tokens” which could have affected millions of profiles.

Facebook disclosed a security flaw on Friday affecting nearly 50 million Facebook accounts. The social media company said hackers exploited its “View As” feature which allows users to see what their profiles look like to other individuals using its platform.

How has Facebook resolved the issue?

Facebook said in a blog post that it “fixed the vulnerability and informed law enforcement.” It has reset “access tokens” of the 50 million accounts affected by the breach, as well as a further 40 million accounts, as a precaution. Those 90 million users will need to log back into the platform as a result. Facebook said it is not necessary for users to change their passwords.

The “View As” feature has been turned off as a precaution while a security review is conducted.

Cybersecurity reporter Brendan Bordelon said on Twitter that Facebook “discovered the vulnerability Tuesday, notified the FBI and Irish DPA on Wednesday, fixed it on Thursday and notified us on Friday.”

‘Constant attacks’

“We face constant attacks from people who want to take over accounts or steal information around the world,” Facebook CEO Mark Zuckerberg said on his Facebook page.

“While I’m glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place.”

Five months ago, Zuckerberg admitted Facebook failed to protect user data and prevent manipulation of its platform after some 87 million users had their personal information harvested by political consultancy Cambridge Analytica.

Source:dw.com