• search
For Quick Alerts
For Daily Alerts

Accounts of 50 million users affected due to security breach: Facebook


Washington, Sep 28: The social media company has revealed hackers accessed the site by exploiting a vulnerability in Facebook's code. The monumental blunder was revealed on Friday, three days after the attack actually took place.

Accounts of 50 million users affected due to security breach: Facebook

The company said they do not know who is behind the attacks. More than 90 million users will now have to log back into their accounts. The site has temporarily turned off its "view as" feature while they conduct a security review.

UK newspaper industry body wants Google, FB pay journalism tax

"It's clear that attackers exploited a vulnerability in Facebook's code," vice president of product management Guy Rosen said in a blog post. "We've fixed the vulnerability and informed law enforcement."

Facebook chief executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night. "We don't know if any accounts were actually misused," Zuckerberg said.

"This is a serious issue." As a precaution, Facebook is temporarily taking down the "view as" feature -- described as a privacy tool to let user see how their own profiles would look to other people.

"We face constant attacks from people who want to take over accounts or steal information around the world," Zuckerberg said on his Facebook page. "While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place."

Facebook said it took an additional "precautionary step" of resetting access tokens for another 40 million accounts where the vulnerable feature was used.

Instagram co-founders quit; Wants to explore 'our curiosity and creativity again'

As a precaution, Facebook is now logging around 90 million people out of their accounts. You'll have to log back in to Facebook as a result - that includes any apps that you might log into with Facebook, like Spotify.

What might have been accessed?

However, the lingering question is what data may have been accessed in the breach. In theory, the worst thing that an attacker could find would be anything that you yourself can view on your Facebook profile, which includes names, dates of birth, family members, and likely years of photos. That is enough for a phishing attack on people's other accounts, like banks or credit cards, but it does mean that no banking or sign-in information should have been at risk. Facebook also says there is no need to change your password.

The breach is the latest privacy embarrassment for Facebook, wich earlier this year acknowledged that tens of millions of users had personal data hijacked by a political firm working for Donald Trump in 2016.

For Daily Alerts
Get Instant News Updates
Notification Settings X
Time Settings
Clear Notification X
Do you want to clear all the notifications from your inbox?
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Oneindia sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Oneindia website. However, you can change your cookie settings at any time. Learn more