Skip to main content

A Facebook breach put 50 million accounts at risk: Here's what you need to know

[ad_1]


The Facebook app typically keeps you logged in pretty much forever, so you can pop by at any time and scroll through your feed (and look at a few ads while you’re at it). This morning, however, 90 million users found that they had to log back in thanks to a “your session has expired” error message. It seemed like a simple bug, but it’s actually the result of a “security issue” that Facebook discovered earlier this week that could affect the personal data of up to 50 million users.



According to Facebook’s statement, Facebook employees originally noticed the issue on Tuesday, September 25. The problem arose from an exploit within a feature called “view as,” which allows users to see their pages how others would. This feature required the use of an “access token,” which is what hangs around your computer or phone to keep you logged in at all times.



By stealing that access token, people with bad intentions could “take over” an account, Facebook says. According to statements made after the initial revelation, the vulnerability traced back to a utility that allowed users to upload “Happy Birthday” videos to their feeds.



Facebook says it has fixed the issue and that it revoked the access tokens for the 50 million accounts that may be affected, as well as 40 million more that have been subject to a “view as” lookup within the last year.


The company has disabled “View As” functionality for the moment, which it says will prevent further account hacks. However, the company goes on to say that the investigation is just getting started, so if you get randomly logged out of all your Facebook stuff in the coming months or weeks, you may also get a security notice once you’re in. Even if you don’t see a notice when you log in (I didn’t when it happened to me this morning), it’s probably a good idea to check the Facebook newsroom to see if more accounts were affected.



This investigation will likely go on for some time and Facebook is reportedly already working with the FBI because of the complexity of the attack. The company hasn't said whether or not it's possible that a foreign actor or even a nation-state could be involved, but it's a question we will likely hear a lot as the probe progresses.



Right now, Facebook says you don’t have to change your passwords because the hackers used a side entrance to your account rather than compromising your login. The company also says that credit card information is safe if you have it stored in your account, but it can never hurt to be vigilant about your other accounts and logins.



We will update this article with future developments.




[ad_2]

Written By Stan Horaczek

Comments

Post a Comment

Popular posts from this blog

Ice technicians are the secret stars of the Winter Olympics

[ad_1] The emphasis of this year's two-week-long Winter Olympic Games has been placed squarely on the Olympians themselves. After all, the stated purpose of the international competition is to bring together the world’s greatest athletes in a nail-biting competition across fifteen different winter sports. But before the curlers, skiers, and skaters even arrived in Pyeongchang, South Korea, the Olympians of the ice technician world were already a few weeks deep in a competition of their own. Mark Callan of the World Curling Federation and Markus Aschauer of the International Bobsleigh and Skeleton Federation both say they’re hoping to make the best ice the Winter Olympics have ever seen. To transform the barren concrete jungle of existing tracks and arenas into an ice- and snow-covered wonderland is an enormous undertaking. And it takes a keen understanding of the physics and chemistry that keeps frozen precipitation pristine. Curling Callan has been making and maintaining ic...
Post a Comment
Read more

With Operation Popeye, the U.S. government made weather an instrument of war

[ad_1] It was a seasonably chilly afternoon in 1974 when Senators Claiborne Pell, a Democrat from Rhode Island, and Clifford Case, a Republican from New Jersey, strode into the chambers of the Senate Committee on Foreign Relations for a classified briefing. While the meeting was labeled “top secret,” the topic at hand was rather mundane: They were there to discuss the weather. More specifically, Pell, the chairman of the now-defunct subcommittee for Oceans and International Environment, and his colleague were about to learn the true extent of a secret five-year-old cloud seeding operation meant to lengthen the monsoon season in Vietnam, destabilize the enemy, and allow the United States to win the war. Though it cycled through several names in its history, "Operation Popeye" stuck. Its stated objectives—to ensure Americans won the Vietnam War—were never realized, the revelation that the U.S. government played God with weather-altering warfare changed history. The...
Post a Comment
Read more

University supercomputers are science's unsung heroes, and Texas will get the fastest yet

[ad_1] Supercomputers are powerful machines with great names—Blue Waters, Bridges, Jetstream, Comet. But a new one will soon be joining that list: Frontera. The $60 million machine will live at the University of Texas at Austin and is scheduled to come online next year. “It will be the fastest machine ever deployed at a university in the US,” says Dan Stanzione, the executive director of the Texas Advanced Computing Center. With supercomputers, the title of fastest is a moving target—what’s perhaps more important is not the exact ranking, but that they’re available for researchers to use in the first place. Right now, the fastest supercomputer in the world is called Summit, and it’s at the Oak Ridge National Laboratory in Tennessee, part of the Department of Energy (DOE), and is specifically tailored for AI. But supercomputers located not at government labs but at universities—like Frontera and its ilk—play a crucial role in the ever...
Post a Comment
Read more