Accounts of 50 million users affected due to security breach: Facebook
Washington, Sep 28: The social media company has revealed hackers accessed the site by exploiting a vulnerability in Facebook's code. The monumental blunder was revealed on Friday, three days after the attack actually took place.
The company said they do not know who is behind the attacks. More than 90 million users will now have to log back into their accounts. The site has temporarily turned off its "view as" feature while they conduct a security review.
"It's clear that attackers exploited a vulnerability in Facebook's code," vice president of product management Guy Rosen said in a blog post. "We've fixed the vulnerability and informed law enforcement."
Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night. "We don't know if any accounts were actually misused," Zuckerberg said.
"This is a serious issue." As a precaution, Facebook is temporarily taking down the "view as" feature -- described as a privacy tool to let user see how their own profiles would look to other people.
"We face constant attacks from people who want to take over accounts or steal information around the world," Zuckerberg said on his Facebook page. "While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place."
Facebook said it took an additional "precautionary step" of resetting access tokens for another 40 million accounts where the vulnerable feature was used.
As a precaution, Facebook is now logging around 90 million people out of their accounts. You'll have to log back in to Facebook as a result - that includes any apps that you might log into with Facebook, like Spotify.
What might have been accessed?
However, the lingering question is what data may have been accessed in the breach. In theory, the worst thing that an attacker could find would be anything that you yourself can view on your Facebook profile, which includes names, dates of birth, family members, and likely years of photos. That is enough for a phishing attack on people's other accounts, like banks or credit cards, but it does mean that no banking or sign-in information should have been at risk. Facebook also says there is no need to change your password.
The breach is the latest privacy embarrassment for Facebook, wich earlier this year acknowledged that tens of millions of users had personal data hijacked by a political firm working for Donald Trump in 2016.
-
LPG Crunch: Karnataka Brings New SOPs, Makes PNG Registration Mandatory for Businesses -
Hyderabad Gold Silver Rate Today, 30 March 2026: Check Fresh 24K, 22K, 18K Gold And Silver Prices In City -
Opinion Poll For Kerala Assembly Election 2026: Ldf Strength In Kannur And Kasaragod -
Tamil Nadu Polls 2026: Vijay Reveals Rs 645 Crore Assets, Rs 266 Crore in Banks; Know All His Declaration -
Mumbai Metro Line 9 Set for April 3 Launch, Dahisar-Mira Bhayandar to Get Direct Boost -
Trump Hints At Breakthrough With Iran Amid War Escalation, Calls Recent Move A ‘Sign Of Respect’ -
Rahul Arunoday Banerjee Autopsy Report: Actor Was Underwater For Over An Hour, Sand Found In Lungs -
West Bengal Assembly elections: Election Commission transfers heads of 173 police stations -
Delhi Weather Brings Relief: IMD Issues Yellow Alert For Rain, Thunderstorms And Gusty Winds; Check Forecast -
Tamil Nadu Elections 2026: Vijay Files Nomination Same Day as MK Stalin, Sets Up Symbolic Political Face-Off -
Too Close To Call? 57 Key Seats Could Decide West Bengal Election 2026 As TMC And BJP Gear Up For Tight Battle -
Kim Jong Un Oversees New Solid-Fuel Missile Engine Test, Claims Capability To Reach US Mainland
Click it and Unblock the Notifications
Sign in with Google