Another day, another set of Facebook accounts that have been breached.
It has not been a good year for Mark Zuckerberg or for his creation. Friday was no exception as Facebook announced that as many as 50 million accounts were breached in an attack on one of the most popular social media sites.
The breach was discovered by Facebook earlier this week and since then has been patched. This patch was to stop attackers from taking over any user accounts.
The attackers were able find an area of code that was vulnerable to an attack. This impacted the “View As” feature, which allows users to compare their profile to another person’s profile. This allowed for the attackers to steal access tokens and use them to take over user accounts.
Those tokens are more or less a key that allows for users to stay logged in to their accounts, which is very beneficial so they do not have to login every time to use their account. This is unlike MyRU accounts, which require you to login every time you use them.
After the breach was found, Facebook shut down the access keys of over 90 million users, which included the 50 million users that were breached and another 40 million that were subjected to “View As” searches within the past year. Guy Rosen, the vice president of product management, made that announcement to USA Today.
All of those users will have to log back in, but according to Facebook, there is no need for anyone to worry about changing their passwords.
Zuckerberg said in a conference call to reporters, “We are taking it really seriously.” Zuckerberg also went on to say, “I am glad we found this, but it definitely is an issue that this happened in the first place.”
This incident for Facebook is another chapter to a year that they would want to forget since they have to deal with the aftermath of the Cambridge Analytica scandal and the supposed Russian meddling campaign in the 2016 elections.