You are here

Up to 50 million Facebook accounts breached in attack

By AFP - Sep 30,2018 - Last updated at Sep 30,2018

A smartphone user shows the Facebook application on his phone in the central Bosnian town of Zenica, in this photo illustration, on May 2, 2013 (Reuters file photo)

SAN FRANCISCO — Facebook revealed on Friday that up to 50 million accounts were breached by hackers, dealing a blow to the social network’s effort to convince users to trust it with their data.

The social network is investigating the extent of harm done when hackers exploited a trio of software flaws to steal “access tokens”, the equivalent of digital keys that enable people to automatically log back into the social network.

Facebook Chief Executive Mark Zuckerberg said engineers discovered the breach on Tuesday, and patched it on Thursday night.

“We don’t know if any accounts were actually misused,” Zuckerberg said. “This is a serious issue.”

As a precaution, Facebook is temporarily taking down the “view as” feature — described as a privacy tool to let users see how their profiles look to other people.

“It’s clear that attackers exploited a vulnerability in Facebook’s code,” said vice president of product management Guy Rosen.

“We’ve fixed the vulnerability and informed law enforcement.”

Facebook reset the 50 million breached accounts, meaning users will need to sign back in using passwords.

Democratic US Senator Mark Warner cited the breach as further proof of the privacy danger of companies such as Facebook and Equifax not adequately protecting the massive amounts of information they gather about people.

“This is another sobering indicator that Congress needs to step up and take action to protect the privacy and security of social media users,” Warner said in a statement.

“As I’ve said before — the era of the Wild West in social media is over.”

The breach is the latest privacy embarrassment for Facebook, which earlier this year acknowledged that tens of millions of users had personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

“We face constant attacks from people who want to take over accounts or steal information around the world,” Zuckerberg said on his Facebook page.

“While I’m glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place.”

up
30 users have voted.

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
10 + 6 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Newsletter

Get top stories and blog posts emailed to you each day.