Facebook on Friday disclosed a security flaw which could have allowed 50 million accounts to be taken over by hackers.
The large social network said it learned this week of the attack that allowed hackers to steal “access tokens,” the equivalent of digital keys that enable them to access their accounts.
“It’s clear that attackers exploited a vulnerability in Facebook’s code,” vice president of product management Guy Rosen said in a blog post.
“We’ve fixed the vulnerability and informed law enforcement.”
In a blog post, the company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.
To deal with the issue, Facebook reset some logins, so 90 million people have been logged out and will have to log in again. That includes anyone who has been subject to a “View As” lookup in the past year.
Facebook says it doesn’t know who’s behind the attacks or where they are based.
The hack is the latest security headache for Facebook, which has been dealing with political disinformation campaigns from Russia and elsewhere since 2016.
Facebook, Google agree to tackle fake news, says EUFacebook, Google and others have agreed voluntary measures to tackle fake news due to concerns they can influence elections, the European Commission ... Digital
Facebook unveils Quest, its new virtual-reality headsetFacebook CEO Mark Zuckerberg is off to a slow start in his mission to bring virtual reality to the masses, so perhaps it’s appropriate his ... Technology
Facebook, Twitter must comply with EU consumer rules or face sanctionsFacebook and Twitter face sanctions unless they comply with European consumer rules by the end of the year, the EU said as its regulators continue to ... Digital
Trump warns Facebook, Google and Twitter to ‘be careful’President Donald Trump stepped up his criticism of internet firms Tuesday, hours after attacking Google over what he called “bias” against ... Digital