Facebook Uncovers 'Security Issue' Affecting Nearly 50 Million Accounts

by

Facebook this morning announced that its engineering team on Tuesday discovered that hackers have exploited a vulnerability in its code, allowing hackers to steal Facebook access tokens for almost 50 million accounts.

According to Facebook, hackers took advantage of security flaws in its "View As" code, which is a feature designed to let people see what their profile looks like to someone else. The Facebook access tokens that were stolen are digital keys that allow people to stay logged in to Facebook.

facebooksecurity

This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted "View As." The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.

It is not clear whether the accounts affected were misused or have had information accessed at this time, and Facebook does not know who executed the attacks.

Facebook says that the vulnerability has been patched at this time, and authorities have been informed. Facebook has reset the access tokens of the nearly 50 million accounts that were affected along with another 40 million accounts that have been subject to a "View As" lookup in the last year.

Customers who have been logged out of their apps will receive a message about what happened once they log back in.

While a security review is conducted, Facebook is turning off the "View As" feature that was used for the hack.

Facebook says that it is "sorry this happened" and that people's privacy and security "is incredibly important." No one needs to change their passwords, according to Facebook, but those concerned can visit the "Security and Login" section in settings to log out of all devices at once.

Today's Facebook hack comes just a day after Facebook was found to be using phone numbers that customers provided for 2-factor authentication for ad targeting purposes and shadow contact building.

Tag: Facebook

Top Rated Comments

snowboarder Avatar
snowboarder
73 months ago
Facebook is the worst thing ever. It destroyed the society and made people dumb.
Score: 25 Votes (Like | Disagree)
iapplelove Avatar
iapplelove
73 months ago
Never had a FB account.
Score: 22 Votes (Like | Disagree)
oneMadRssn Avatar
oneMadRssn
73 months ago
Stop using Facebook people! There is a better and safer alternative to each fb feature. I can't think of a single good reason to still be on Facebook - there are none.
Score: 22 Votes (Like | Disagree)
Jimmy Bubbles Avatar
Jimmy Bubbles
73 months ago
even more of a reason to delete your Facebook...Get on Gab!
Score: 21 Votes (Like | Disagree)
oneMadRssn Avatar
oneMadRssn
73 months ago
1) My work group is on FB chat. Gonna be a pain to suggest a different one.
2) Dank memes.
1. get a better job.

2. all the good memes are on reddit first.
Score: 13 Votes (Like | Disagree)
cmaier Avatar
cmaier
73 months ago
what an awful company.
Score: 12 Votes (Like | Disagree)
Read All Comments

Popular Stories

maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article277 comments
Apple Silicon AI Optimized Feature Siri

Apple Releases Open Source AI Models That Run On-Device

Wednesday April 24, 2024 3:39 pm PDT by
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Read Full Article84 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article416 comments
iOS 18 Siri Integrated Feature

iOS 18 Rumored to Add These 10 New Features to Your iPhone

Wednesday April 24, 2024 2:05 pm PDT by
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Read Full Article
iPad And Calculator App Feature 1

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article222 comments