Facebook announces security breach affecting 50 million accounts

12 2012 in Paris shows an illustration made with figurines set up in front of Facebook's homepage. Facebook already assured of becoming one of the most valuable US firms when it goes public later this month now must convince

12 2012 in Paris shows an illustration made with figurines set up in front of Facebook's homepage. Facebook already assured of becoming one of the most valuable US firms when it goes public later this month now must convince

Facebook has had its fair share of issues over the years with everything from a bug that made private posts public to the infamous data leak that had the site logging personal texts and calls among other things.Today, the company revealed they discovered a security flaw Tuesday that has affected nearly 50 million user accounts.

The attackers used this issue to steal "access tokens", which keep people logged into their account. The vulnerability has been fixed and law enforcement was informed, the company said. Facebook reset all 50 million, as well as tokens for an additional 40 million as a "precautionary step".

This means that the 90 million users impacted will have to log back into the social network, or any other apps that use Facebook to log in, when they next try to open them.

Impacted users will be prompted to log back in before receiving a notification explaining the situation. For now, Facebook is turning off the "View As" feature while it investigates the incident.

Facebook chief executive Mark Zuckerberg said: "We don't know if any accounts were actually misused", but conceded it was a "serious issue".

The company notes that its internal investigation is "still in its early stages" and says it remains unclear who might be behind the attack or what user data - if any - was taken. "In addition, if we find more affected accounts, we will immediately reset their access tokens". Discovering the breach earlier this week, the company said that the investigation in the matter is still in its initial phase.

Facebook
Image Facebook said it had informed police

The flaw was in Facebook's "View As" tool, a privacy feature that lets Facebook users view their own profile as if they were someone else.

Facebook recommends users visit the Security and Login page of its website to check to see which devices are logged into their account.

Notably, the security issue was discovered on September 25. The "View As" feature has also been turned off temporarily, they said.

He apologised on behalf of the company an said that the security of it users remains "very important".

We'll update this post as we get more information, but in the meantime it's probably a good idea to change your Facebook password and check your security settings just in case.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.