Satoshi Nakamoto Blog
Image default
Civic Innovation data Facebook Privacy Security Social Media

Hackers access up to 50M Facebook accounts exploiting ‘vulnerability’ in platform’s code – GeekWire

Life-seized cutouts of Facebook CEO Mark Zuckerberg appeared on the Capitol lawn before his testimony before Congress earlier this year. (Flickr Photo / Joe Flood)

Hackers were able to access nearly 50 million Facebook accounts by exploiting a security vulnerability, the company said Friday. In response, Facebook logged about 90 million users out of their accounts as a security measure.

Exploiting a feature called “View As,” which allows Facebook users to see their profiles as other people do, hackers stole Facebook access tokens. Those tokens keep Facebook users logged in so that they don’t need to enter their password each time they access the app.

Facebook said it is still investigating the incident and does not know the identities or locations of the hackers. The company has notified law enforcement of the breach. Officials from the company know that nearly 50 million accounts were affected and reset access tokens for an additional 40 million as a precaution.

The breach comes at a critical moment for Facebook, which is facing federal investigations and public outcry over how the company handles its massive trove of user data. Earlier this year, the company landed in hot water when Cambridge Analytica used Facebook data for political purposes without users’ consent. Facebook said data from up to 87 million people was illegitimately shared with the British firm.

Facebook and other tech giants are also facing the looming prospect of a federal data privacy law. Amazon, Apple, Google, Twitter, and other big tech companies sent representatives to Washington D.C. this week for a hearing on privacy regulation. Facebook did not attend that hearing but has sent executives to the capital to testify on privacy issues over the past year.

Source link

Related posts

WhatsApp’s chief business officer is leaving


Facebook Removes 5 Accounts Tied to Shady Disinformation Tactics in Alabama Special Election


At Blind, a security lapse revealed private complaints from Silicon Valley employees


Storage gets busy with cyber-resiliency duties


Play Store Malware Infects Half a Billion


How I made my very own WireGuard VPN server