Skip to main content

A Facebook breach put 50 million accounts at risk: Here's what you need to know

[ad_1]


The Facebook app typically keeps you logged in pretty much forever, so you can pop by at any time and scroll through your feed (and look at a few ads while you’re at it). This morning, however, 90 million users found that they had to log back in thanks to a “your session has expired” error message. It seemed like a simple bug, but it’s actually the result of a “security issue” that Facebook discovered earlier this week that could affect the personal data of up to 50 million users.



According to Facebook’s statement, Facebook employees originally noticed the issue on Tuesday, September 25. The problem arose from an exploit within a feature called “view as,” which allows users to see their pages how others would. This feature required the use of an “access token,” which is what hangs around your computer or phone to keep you logged in at all times.



By stealing that access token, people with bad intentions could “take over” an account, Facebook says. According to statements made after the initial revelation, the vulnerability traced back to a utility that allowed users to upload “Happy Birthday” videos to their feeds.



Facebook says it has fixed the issue and that it revoked the access tokens for the 50 million accounts that may be affected, as well as 40 million more that have been subject to a “view as” lookup within the last year.


The company has disabled “View As” functionality for the moment, which it says will prevent further account hacks. However, the company goes on to say that the investigation is just getting started, so if you get randomly logged out of all your Facebook stuff in the coming months or weeks, you may also get a security notice once you’re in. Even if you don’t see a notice when you log in (I didn’t when it happened to me this morning), it’s probably a good idea to check the Facebook newsroom to see if more accounts were affected.



This investigation will likely go on for some time and Facebook is reportedly already working with the FBI because of the complexity of the attack. The company hasn't said whether or not it's possible that a foreign actor or even a nation-state could be involved, but it's a question we will likely hear a lot as the probe progresses.



Right now, Facebook says you don’t have to change your passwords because the hackers used a side entrance to your account rather than compromising your login. The company also says that credit card information is safe if you have it stored in your account, but it can never hurt to be vigilant about your other accounts and logins.



We will update this article with future developments.




[ad_2]

Written By Stan Horaczek

Comments

Post a Comment

Popular posts from this blog

Ice technicians are the secret stars of the Winter Olympics

[ad_1] The emphasis of this year's two-week-long Winter Olympic Games has been placed squarely on the Olympians themselves. After all, the stated purpose of the international competition is to bring together the world’s greatest athletes in a nail-biting competition across fifteen different winter sports. But before the curlers, skiers, and skaters even arrived in Pyeongchang, South Korea, the Olympians of the ice technician world were already a few weeks deep in a competition of their own. Mark Callan of the World Curling Federation and Markus Aschauer of the International Bobsleigh and Skeleton Federation both say they’re hoping to make the best ice the Winter Olympics have ever seen. To transform the barren concrete jungle of existing tracks and arenas into an ice- and snow-covered wonderland is an enormous undertaking. And it takes a keen understanding of the physics and chemistry that keeps frozen precipitation pristine. Curling Callan has been making and maintaining ice for m
Post a Comment
Read more

In the wake of NYC terrorist attack, Trump says he's ordered increased 'Extreme Vetting'

[ad_1] President Donald Trump has requested for a heightened vetting program following Tuesday's terrorist attack in New York. @realDonaldTrump: I have just ordered Homeland Security to step up our already Extreme Vetting Program. Being politically correct is fine, but not for this! Earlier, he tweeted that the attack in lower Manhattan was committed by a "sick and deranged person." @realDonaldTrump: In NYC, looks like another attack by a very sick and deranged person. Law enforcement is following this closely. NOT IN THE U.S.A.! His remarks came after a motorist drove onto a busy bicycle path near the World Trade Center memorial and struck several people on Tuesday, leaving at least eight people dead and a dozen injured. NBC News repor
Post a Comment
Read more

How to save everything you post to social media

[ad_1] If you get the urge to revisit that cute photo you posted some time last year, you'll have to scroll through your timeline for what feels like hours to track it back down. Instead, when you share a post on social media, also save it to your phone for safe-keeping. This will not only save your social media hits for posterity, but also make them easier to find if you ever need to rediscover them. In this guide, we focus on saving photos and videos, because text posts are slightly more complicated—the only way to really preserve text from Facebook and Twitter is to download your entire archive (we'll explain how to do this below), and Instagram and Snapchat don't let you save or export your instant messages at all. When it comes to photos and videos, there's a shortcut to make sure they stay on your phone: Originally film them through a dedicated app, which will save them to a gallery. Only then should you open up a social media app to share them. However, there'
Post a Comment
Read more