Facebook says 50 million accounts hacked, 90 million users need to reset their passwords - Facebook has announced that it has discovered a major security flaw in the way its accounts work, and that has potentially affected as many as 50 million users. The company said that it was also notifying nearly 90 million users who would be required to log into their Facebook account and reset the password.
"On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We're taking this incredibly seriously," Guy Rosen, Facebook VP of product management wrote on the company blog.
The security flaw apparently is so grave that it allows a potential hacker to take control of a Facebook account. It works through a Facebook feature called View As that lets Facebook users see how their profile looks to public and their friends. But apparently this feature exposes the security token associated with the Facebook profile and session and that lets a crafty hacker or anyone with sufficient tech knowledge to take control of someone's Facebook account. Facebook also said that while it has fixed the problem and while it reviews the View As feature, it is disabling the View As option for all accounts.
The social media site has also said that it is notifying around 90 million users whose Facebook accounts it believes are at the risk of falling prey to hackers due to the View As bug. These users will have to log into their Facebook account and change their passwords immediately.
So how do you know that your account is among the affected accounts? Apparently, you will be forced logged out of Facebook. This is going to happen for around 90 million users. Suddenly if you find yourself logged out of the Facebook app or from the Facebook website, it is possible that your account was exposed to hackers due to the View As bug.
Facebook has explained how the security breach allows someone to exploit Facebook accounts. "Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted View As a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don't need to re-enter their password every time they use the app," wrote Rosen.
Facebook says that it has taken three steps to fix the issue. One, the View As bug has been rectified and fixed. Second, it has reset passwords for 90 million users - 50 million directly affected and 40 million at risk - and third it has notified law enforcement agencies.
The news of the Facebook accounts breach comes a day after a hacker in Taiwan said that he would delete the account of Mark Zuckerberg from Facebook on Sunday and that he would live stream the whole process. It is not clear if the hacker was - or is - going to use the same bug that Facebook discovered on September 25 to attack Zuckerberg's account or if he would use some other trick.
"On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We're taking this incredibly seriously," Guy Rosen, Facebook VP of product management wrote on the company blog.
The security flaw apparently is so grave that it allows a potential hacker to take control of a Facebook account. It works through a Facebook feature called View As that lets Facebook users see how their profile looks to public and their friends. But apparently this feature exposes the security token associated with the Facebook profile and session and that lets a crafty hacker or anyone with sufficient tech knowledge to take control of someone's Facebook account. Facebook also said that while it has fixed the problem and while it reviews the View As feature, it is disabling the View As option for all accounts.
The social media site has also said that it is notifying around 90 million users whose Facebook accounts it believes are at the risk of falling prey to hackers due to the View As bug. These users will have to log into their Facebook account and change their passwords immediately.
So how do you know that your account is among the affected accounts? Apparently, you will be forced logged out of Facebook. This is going to happen for around 90 million users. Suddenly if you find yourself logged out of the Facebook app or from the Facebook website, it is possible that your account was exposed to hackers due to the View As bug.
Facebook has explained how the security breach allows someone to exploit Facebook accounts. "Our investigation is still in its early stages. But it's clear that attackers exploited a vulnerability in Facebook's code that impacted View As a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people's accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don't need to re-enter their password every time they use the app," wrote Rosen.
Facebook says that it has taken three steps to fix the issue. One, the View As bug has been rectified and fixed. Second, it has reset passwords for 90 million users - 50 million directly affected and 40 million at risk - and third it has notified law enforcement agencies.
The news of the Facebook accounts breach comes a day after a hacker in Taiwan said that he would delete the account of Mark Zuckerberg from Facebook on Sunday and that he would live stream the whole process. It is not clear if the hacker was - or is - going to use the same bug that Facebook discovered on September 25 to attack Zuckerberg's account or if he would use some other trick.
Contact customer helpline
ReplyDelete+1 866 528 5ӨӨ'7 ././.