Facebook said the data of at least 50 million accounts has been breached. The company has alerted law enforcement and fixed the flaw, a vulnerability in the code related to its “View As” feature.
Facebook also reset the access tokens of the almost 50 million accounts it knows were affected, plus of another 40 million accounts that were subject the vulnerability last year.
This means a total 90 million people will have to log back in to the Facebook or any of the apps that use a Facebook login, though they will not have to change their passwords, the company said Facebook added that it will reset the access tokens of any more accounts it finds were affected by the vulnerability, implying there could be more.
The flaw came to be after a change made to the company’s video uploading feature in July 2017. Facebook said it has started a full investigation but does not yet know if the accounts breached were misused or if any information was accessed. It also does not know who the attackers were or where they were based.
The company is inviting people to visit its Help Center if they forgot their password or the “security and login” section if they want to log out of Facebook and check all the places they might be logged in.
SOURCE: Telecom Paper