Published: Tue, October 02, 2018
Markets | By Jeffery Armstrong

Facebook says up to 50 mn accounts breached in attack

Facebook says up to 50 mn accounts breached in attack

Facebook chief executive Mark Zuckerberg appeared at a Congressional hearing over Facebook's privacy policies in April. Several Facebook users (including the author of this story) noticed the odd occurrence this morning and posted to social media wondering what happened.

When you log into websites like Facebook, you are given an access token. The vulnerability has existed since previous year, and is the largest till date.

Facebook announced on Friday that hackers decamped with personal details of 50 million users.

But we know of at least two high-profile victims in the data breach: Facebook CEO Mark Zuckerberg, and COO Sheryl Sandberg.

That's why when you close the Facebook tab and open it up again later, you're still logged in. The hackers have also tried accessing profile information like name, gender, location and photos from the compromised accounts. Engineers found a security flaw in this feature, pushing them to disable it. "These access tokens that were stolen show when a user is logged into Facebook and that may be enough to access a user's account on a third party site", he said.

More news: Lil Wayne Finally Releases New Album ‘Tha Carter V’

This feature enables users to preview what their profiles look like when other users view their profiles.

A Tinder spokesperson pointed out that most of its new users sign up to the service without using a Facebook login.

On the afternoon of Tuesday, September 25, the Facebook engineering team discovered a security issue affecting nearly 50 million accounts.

Rosen would not confirm whether the breach was state-backed, but added the hackers "did need a certain level in order for attacker not only get access but to pivot on the access tokens". This allowed them to read your private messages, post anything on your timeline, upload a picture or a video, and message any of your friends. "The access tokens have been compromised and Facebook has force re-set access token now". "This does mean they could access other third-party apps using Facebook login", Guy Rosen, Facebook's vice president of product, said.

MPs have demanded that Mark Zuckerberg travels to the United Kingdom to face questions about his "terrible disrespect" for the data of citizens, following last week's data breach at Facebook that resulted in 50 million user accounts being exposed to hackers.

More news: Liverpool tipped to make move for Aaron Ramsey

The attackers then dumped the digital key, which was used for authentication, by performing an attack on the "view as" feature.

"This breach can be yet another wake-up call for people to take their online security seriously", Schulz said in comments obtained by Fox News. After a violation of this scale, people will no longer be able to trust Facebook as their privacy partner.

Facebook also said it was taking a precautionary step to reset access tokens for another 40 million accounts that have been subject to a "View As" look-up in 2017.

Ireland's Data Protection Commission, which is Facebook's lead privacy regulator in Europe, said Saturday that it has demanded more information from the company about the nature and scale of the breach, including which European Union residents might be affected.

More news: Moderate quake strikes Indonesia's Sulawesi, but no tsunami threat

Like this: