Facebook Breach: Nearly 50M Accounts Impacted, Company Says

WORNSHOESBLOG May 11, 2020

A security issue exposed the accounts of almost 50 million users on Facebook but it is unknown whether the accounts were misused, the company said on Friday.

In a statement, Facebook said its engineering team discovered a “security issue” affecting the accounts on Sept. 25. Users who had to log back in to Facebook or any apps that use a Facebook login were either affected by the breach or were logged out as a precaution. In all, Facebook says around 90 million people will have to log back in but said that there’s no need to reset passwords. As of June 2018, Facebook said it has 2.23 billion monthly active users.

“We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security,” the statement said.

Facebook said attackers exploited a vulnerability in its code that impacted the “View As” feature and allowed them to steal access token that they used to take over accounts. Facebook explains that access tokens keep people logged in to the social media network so they don’t need to re-enter their password each time they use the app. Facebook says it has reset the access tokens of the affected accounts. The token for an additional 40 million users that have been subject to a “View As” look-up in the last year have also been reset.

The vulnerability has been fixed and Facebook has informed law enforcement of the attack. The “View As” feature has also been temporarily turned off.

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed,” Facebook said in its statement. “We also don’t know who’s behind these attacks or where they’re based.”

Facebook apologized in its statement and told users that there’s no need for anyone to change their passwords.

CEO Mark Zuckerberg said in a statement that the issue was patched Thursday night. The company is still investigating the attack and will provide further information as it learns more.

“While I’m glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place,” Zuckerberg said.

Lawmakers have already called for investigations into the breach.

Click Here: United Kingdom Rugby Jerseys

“The news that at least 50 million Facebook users had their accounts compromised is deeply concerning,” Mark Warner, the ranking Democrat of the Senate Intelligence Committee, said in a statement. “A full investigation should be swiftly conducted and made public so that we can understand more about what happened.”

Rohit Chopra, a commissioner on the Federal Trade Commission, tweeted “I want answers,” referring to the breach.

Photo by Francois Mori/Associated Press