Facebook Vulnerability Impacted 50 Million Accounts

1. October 2018

On 25.09.2018, Facebook's engineering team discovered a vulnerability in Facebook's code that impacted the "View As" feature, which lets people see what their own profile looks like to someone else. This vulnerability allowed attackers to steal Facebook access tokens and take over users' accounts. The security issue affected almost 50 million accounts.

Facebook stated that it has fixed the vulnerability and informed law enforcement.

Facebook has reset the access tokens of the 50 million affected accounts to protect their security, and of another 40 million accounts that have been subject to a “View As” look-up in the last year. As a result, around 90 million people will now have to log back into Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.

Facebook temporarily turned off the "View As" feature while they conduct a thorough security review.

Facebook stated that there was no need for anyone to change their password. Additionally, if anyone wants to take the precautionary action of logging out of Facebook, they should visit the "Security and Login" section in Settings. It lists the places people are logged into Facebook, including a one-click option to log out of them all.

 

 

Source: https://newsroom.fb.com/news/2018/09/security-update/

Additional info:

https://www.facebook.com/help/securitynotice?ref=sec%3Futm

https://www.facebook.com/help/www/105487009541643?helpref=faq_content

 
