X

Hacker on the prowl to ‘view’ FB profiles; 50 million users affected

Facebook (FB) has failed to keep its promise on the security front once again, indicating the efforts being made by the social media giant to put things in order are probably not working. A blog post by the company Friday said its platform came under a major cyberattack, putting around 50 million user accounts at risk.

The bug, which was identified a week ago, is said to have “exploited a vulnerability in the View As” feature of the website that allows people to see how others view their profiles. Facebook has launched a detailed investigation into the matter and has promised to take immediate action to ensure users’ security.

“We have yet to determine whether these accounts were misused or any information accessed. We also don’t know who’s behind these attacks or where they’re based,” said product management VP Guy Rosen.

Facebook has launched a detailed investigation into the matter and promised to take immediate action to ensure users’ security

It is suspected that hackers sneaked into access tokens, which function as digital keys to let users remain online without having to repeat the process all over again whenever they sign in. The bug will ultimately allow the hackers to access the profiles. According to the post, the access tokens of all accounts have been affected.

Facebook claims to have fixed the snag that caused the break-in by resetting the tokens of the affected users and alerted the law enforcement agencies. The security update has also been applied to around 40 million more accounts, which were subject to a ‘View As’ lookup last year. Also, all the 90 million users have been alerted about the breach, requiring them to re-login.

Facebook: A look at life after the F8 conference

A few months ago, Facebook encountered a similar data breach and admitted that a technical glitch in the users’ settings made a huge volume of private messages accessible to ‘public’, affecting 14 million users. The bug intruded into users’ profiles and reset their privacy preferences, making private posts visible to virtually everyone who uses the platform.

Earlier this month, Facebook COO Sheryl Sandberg had testified before the Senate facing questions on various cases of data breach on the platform, including the one involving controversial UK firm Cambridge Analytica. Then, Sandberg had vowed to have a comprehensive security system in place to prevent such incidents from happening in the future.

Friday’s news triggered a selloff and Facebook shares lost more than 3% in the afternoon, extending the downward slide that began earlier this week.

Insta duo exit: Is the Facebook ship being run too tight?

Categories: LATEST Technology
Related Post