BRIEF: Facebook Says 50M User Accounts Have Been Breached

The vulnerability has been patched and law enforcement has been notified, the company says.

by Sam Dean, Los Angeles Times / September 28, 2018
Facebook says 50 million user accounts have been affected by a security breach (Dreamstime/TNS) TNS

(TNS) — Nearly 50 million Facebook accounts have been affected by a security breach that enabled hackers to take over users’ accounts, the social media giant announced Friday.

The vulnerability was discovered Tuesday afternoon and has been patched, and law enforcement has been notified, according to a Facebook “security update” post.

“Attackers exploited a vulnerability in Facebook’s code that impacted ‘View As,’ a feature that lets people see what their own profile looks like to someone else,” the post said. “This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to reenter their password every time they use the app.”

Facebook said it has reset the tokens of all affected users and, as a precaution, 40 million additional users, in effect logging them off. They will have to log back in next time they use the service.

The company said it was in the early stages of its investigation into the issue.

©2018 Los Angeles Times Distributed by Tribune Content Agency, LLC.

Platforms & Programs