Friday, September 28, 2018

Facebook says 50 million accounts affected by account takeover bug

Facebook has said 50 million user accounts may be at risk after hackers exploited a security vulnerability on the site.

The company said in a blog post Friday that it discovered the bug earlier in the week. The bug is part of the site’s “View As” feature that lets a user view their profile as someone else.

Facebook said that it’s reset those access tokens, and an additional 40 million accounts. Anyone affected may have been logged out of their account — either on their phone or computer. Facebook also said that users will be notified once they log in.

The company has switched off the “View As” feature in the meantime while it conducts a security review.

“We have yet to determine whether these accounts were misused or any information accessed,” said Guy Rosen, Facebook’s vice president of product management. “We also don’t know who’s behind these attacks or where they’re based.”

Facebook has contacted law enforcement, the blog post said. The social network has 2.2 billion monthly active users.

“If we find more affected accounts, we will immediately reset their access tokens,” said Rosen.

Facebook did not immediately respond to a request for comment.

More soon…



from TechCrunch https://ift.tt/2xX2QNb

No comments:

Post a Comment