Facebook Discovers Security Issue Affecting Almost 50 Million Accounts

The Facebook breach A design flaw and a wake-up call

Security is an illusion, a truth that is increasingly relevant as social networking giant Facebook unearths a security breach affecting millions of users.

Facebook began notifying users of the breach over the weekend, in the form of a notice posted at the top of news feeds titled "An Important Security Update" containing the same information sent to reporters.

If you try to access the "View As" feature now, an error message appears saying that it has been "temporarily disabled".

When you log into websites like Facebook, you are given an access token. That includes anyone who has been subject to a "View As" lookup in the past year.

Facebook is also facing unprecedented pressure from both high-profile conservatives angry about unfounded claims that West Coast-based tech companies regularly censor them.

Zuckerberg said that the company doesn't know yet if any of the accounts that were hacked were misused. Hackers used a vulnerability in the platform's code to steal other users' "access tokens" and log into their accounts.

"The bigger concern (and something we don't know yet) is whether third party applications were impacted", Williams said in a text exchange. In other words, Facebook is providing the identity management for countless other sites and services.

This allowed them to steal Facebook access tokens which they could then use to take over people's accounts, the company said, explaining that access tokens are the equivalent of digital keys that keep people logged in to Facebook so they do not need to re-enter their password every time they use the app.

Under the law, companies that don't sufficiently protect user data face maximum fines of €20 million ($23 million), or 4% of the company's global annual revenue from the prior year, depending on which sum is larger. Then a congressional investigation found that agents from the Russian Federation and other countries have been posting fake political ads since at least 2016.

Simply put, "View As" lets Facebook users preview their own accounts.

Tinder continued, "We will continue to investigate and be vigilant - as we always are - and if Facebook would be transparent and share the affected user lists, it would be very helpful in our investigation".

This isn't something a quick password change can fix.

That's why when you close the Facebook tab and open it up again later, you're still logged in. It has a one-click option of logging out of all locations. Zuckerberg has tried mightily to assure consumers and lawmakers that the site is doing everything in its power to protect personal information while tamping down on foreign meddling during elections. The DPC acknowledged Facebook did inform them of the breach but said that the report lacked "detail".
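The access-token behaviour described above, as an added example that is not from the original article and is not Facebook's implementation: a constructed Python model of a server-side bearer-token store (`SessionStore` and every name in it are hypothetical). It assumes tokens are validated independently of the password, which is why a password change alone leaves an already-issued token valid while a "log out of all locations" revocation does not.

```python
import hashlib
import hmac
import secrets

class SessionStore:
    """Constructed model of server-side bearer tokens; not Facebook's implementation."""

    def __init__(self):
        self._pw = {}      # user -> (salt, PBKDF2 hash)
        self._gen = {}     # user -> session generation, bumped to revoke every token
        self._tokens = {}  # sha256(token) -> (user, generation when issued)

    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def set_password(self, user, password, revoke_sessions=False):
        salt = secrets.token_bytes(16)
        self._pw[user] = (salt, self._kdf(password, salt))
        self._gen.setdefault(user, 0)
        if revoke_sessions:  # hardened behaviour: a reset also ends every session
            self.logout_everywhere(user)

    def login(self, user, password):
        salt, stored = self._pw.get(user, (b"dummy-salt", b""))  # unknown user never matches
        if not hmac.compare_digest(self._kdf(password, salt), stored):
            return None
        token = secrets.token_urlsafe(32)
        # Store only a hash, so a leak of this table does not leak usable tokens.
        self._tokens[hashlib.sha256(token.encode()).digest()] = (user, self._gen[user])
        return token

    def whoami(self, token):
        """The token alone authenticates the request: no password is consulted."""
        user, gen = self._tokens.get(hashlib.sha256(token.encode()).digest(), (None, -1))
        return user if user is not None and gen == self._gen[user] else None

    def logout_everywhere(self, user):
        self._gen[user] += 1  # every token issued before this call stops validating

def demo():
    store = SessionStore()
    store.set_password("alice", "first-password")
    copied = store.login("alice", "first-password")  # token now also held by a third party
    store.set_password("alice", "second-password")   # password change only
    after_pw_change = store.whoami(copied)
    store.logout_everywhere("alice")                  # server-side revocation
    after_revocation = store.whoami(copied)
    return after_pw_change, after_revocation
```

Calling `set_password(..., revoke_sessions=True)` combines both steps, so a password reset also invalidates every outstanding token.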

A spokesperson for the dating app Tinder said Monday that Facebook (FB) has shared only "limited information" and called on Facebook to be "transparent" about which of Tinder's users may have been affected. "Shareholders should ultimately approve of Facebook's handling of the issue".
