How Does One Bury Bad News? Claim 50 Million Accounts Hacked
How Does One Bury Bad News? Claim 50 Million Accounts Hacked from The Free Thought Project
TDC Note – Funny how this “breach” or “hack” coincides with the Kavanaugh appointment that has held the attention of the entire country for 48 hours.
Facebook admits security breach affected 50million accounts – attackers stole Facebook access tokens that they “could then use to take over people’s accounts”
Facebook has admitted having a “security issue” with nearly 50 million accounts which had their “access tokens” compromised. The social media giant has reset tokens for another 40 million accounts as a “precaution.”
The issue affected nearly 50 million accounts, which would require users to re-enter their passwords. The security issue was discovered by the company’s engineers on Tuesday. Hackers have been apparently able to fetch the so-called “access tokens” – digital keys, which allow a user to stay logged into Facebook and to not re-enter their passwords each time they use the application.
“Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As”, a feature that lets people see what their own profile looks like to someone else,” the tech giant said in a statement.
BREAKING: Facebook admits security breach affected 50million accounts – attackers stole Facebook access tokens that they “could then use to take over people’s accounts” pic.twitter.com/KCWSkzbk2G
— Sean Keach (@SeanKeach) September 28, 2018
The vulnerability has been already fixed, according to Facebook, and the “View As” feature has been temporarily disabled.
“This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted “View As.” The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens,” Facebook stated.
This is a great time for FB to bury bad news #KavanaughHearings
— Olivia Solon (@oliviasolon) September 28, 2018
Damage done by the attack is yet to be evaluated, it remains unclear whether the affected accounts “were misused or any information accessed.” Source of the attack and who was behind it also remain unidentified, according to Facebook.