50 million users affected
Today, the already beleaguered Facebook announced they have suffered a breach of security. Fifty million users had their data exposed in the breach, which occurred earlier this week. If you noticed that you had to log into your account this morning – that was why. The vulnerability has since been fixed, but the forced log in was an additional safety measure.
“View As” Vulnerability
Although they are still investigating what led to the security breach, it appears as though the “view as” feature – which allows you to see your account as viewed by other people – was the location of the hack. Attackers used that particular code to steal “access tokens” and take over accounts. Because this bypasses the need for a password, Facebook is assuring users that users don’t need to change security settings. However, if you haven’t changed your password in a while, this is a good time to do so.
It is unclear at this point what information the attackers gained from the breach.
This is just the latest in a number of problems Facebook has faced recently, including an investigation into their data and privacy issues. And I expect this won’t be the last time this year I will write a blog about Facebook’s woes.
What do you think? Are you questioning your use of Facebook?