Taboola script Diabled on 7th April on request Adpushup head code Diabled on 7th April on request

Facebook Security Breach Could Compromise 50 Million Users

29 Sep, 2018 11:08 IST|Sakshi
Data of 50 million Facebook users have been exposed following a massive security breach by unknown hackers, its CEO Mark Zuckerberg said

Washington: Data of 50 million Facebook users have been exposed following a massive security breach by unknown hackers, its CEO Mark Zuckerberg said, amid fears that a significant number of the accounts affected could be from India.

The precautionary measure taken by the social media giant has impacted another 40 million users, Zuckerberg said Friday.

In a conference call with reporters, he did not give a country-wise of the user accounts hit by the data breach.

However, a significant number of affected users are expected to be from India, given that the company has the maximum 270 million users in the country. It has 2 billion global users.

Facebook did not immediately respond to a PTI question on the number of accounts affected in India.

"On Tuesday afternoon, our engineering team found an attack affecting up to 50 million accounts on Facebook. The attackers exploited a vulnerability in the code of the View As feature which is a privacy feature that lets people see what their Facebook profile would look like to another person," Zuckerberg said.

"The vulnerability allowed the attackers to steal Facebook access tokens - which are the equivalent of a digital key - which the attackers could have used to take over or access people's accounts," he said.

Stressing that the investigation into the incident was still at a nascent stage, Zuckerberg said the social media giant does not know if any of the accounts were misused or who was behind the cyberattacks.

"So far, our initial investigation has not shown that these tokens were used to access any private messages or posts or to post anything to these accounts." He said Facebook has taken steps to patch the security flaw to prevent this attacker - or any other attacker - from being able to steal additional access tokens.

Facebook has invalidated access tokens for the accounts, causing those users to be logged out.

"These people will now have to log back in to access their accounts again and we will also notify these people in a message on top of their News Feed about what happened when they log back in," the chief executive officer said.

In addition to getting in touch with law enforcement agencies, including the FBI, Zuckerberg said Facebook is logging out all users who used the "View As" feature since the flaw was introduced last year as a precautionary measure.

"This will require another 40 million people - or more - to log back into their accounts," he said.

"This is a really serious security issue. And we're taking it really seriously. We have a major security effort at the company that hardens all of our surfaces, and investigates issues like this," he said in response to a question.

"In this case I'm glad that we found this and that we were able to fix the vulnerability and secure the accounts. But it definitely is an issue that this happened in the first place," he said.

Gary Rosen, vice president pf product management at Facebook, said in all 90 million users would have to log back in. "After they have logged back in, people will get a notification at the top of their News Feed explaining what happened," he said.

Facebook said users don't need to change their passwords. (PTI)

The Latest: Facebook Says Hackers Could Access Some Apps

Facebook says it doesn’t know whether hackers had specific targets in exploiting security vulnerabilities to access some 50 million user accounts.

Facebook executive Guy Rosen says the attack seems broad. He says Facebook doesn’t know who’s behind the attacks or where they’re based.

The company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Rosen says the bug somehow allowed a video uploader to appear for sending happy birthday messages. Another bug then created a log-in key that made Facebook think the hacker had legitimately signed in with the account being viewed.

Facebook says the investigation is continuing.

One security expert says the hacking attack on Facebook is serious — but only Facebook knows how serious.

Jake Williams, the president of Rendition Infosec, says the log-in keys that hackers got on some 50 million user accounts would likely allow hackers to view private information and post on other people’s behalf. He says access could also extend to other Facebook apps, such as Messenger.

He says the bigger concern is whether this could affect third-party applications since so many people let other sites log them in with their Facebook credentials.

But he says the log-in keys, called access tokens, wouldn’t let hackers get the users’ actual passwords. Facebook is saying there’s no need for users to reset passwords.

Facebook disclosed the breach Friday.

Facebook is saying the security breach affecting 50 million user accounts required some sophistication.

Facebook executive Guy Rosen says hackers exploited three distinct bugs to access the accounts. He says hackers needed to not only steal log-in keys but know how to use them.

Facebook says hackers got those keys, called access tokens, through Facebook’s “View As” feature, which lets people see what their profiles look like to someone else. These tokens keep people logged in so they don’t have to re-enter passwords each time.

The company says it started investigating when it noticed increased user access to the service nearly two weeks ago. Facebook says the FBI has been notified in the U.S., as have Irish data protection officials for the European Union.

Facebook CEO Mark Zuckerberg says the company doesn’t know yet whether hackers who had exploited a security vulnerability have misused any of the user account information.

He says there’s no evidence yet that hackers used the vulnerability to see other people’s private messages or posts or to post on those accounts. But Facebook says the investigation is continuing.

Facebook says it recently discovered a security breach affecting nearly 50 million user accounts.

In a blog post, the company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.

Facebook says it recently discovered a security breach affecting nearly 50 million user accounts.

In a blog post, the company says hackers exploited its “View As” feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.

To deal with the issue, Facebook reset some logins, so 90 million people have been logged out and will have to log in again. That includes anyone who has been subject to a “View As” lookup in the past year.

Facebook says it doesn’t know who’s behind the attacks or where they’re based.

The hack is the latest security headache for Facebook, which has been dealing with political disinformation campaigns from Russia and elsewhere since 2016. (AP)

Also Read: Facebook ‘Stories’ Feature Attracts ‘300’ Mn Users

whatsapp channel
Tags
facebookhackerssecurity breach
Read More:
Cannes competition jury headed by Greta Gerwig poses for shutterbugs on the Croisette
Greta Gerwig dwells on #MeToo in address to media as Cannes jury president
Wamiqa Gabbi posts goofy video on Chahat Fateh Ali Khan's viral song 'Bado Badi'
Esha Deol happy to be back to work; says new projects to be announced soon
Prabhas Stuns Japanese Fans! Check Out Deets Here!
Bengali film 'Joyguru' based on Parvathy Baul's life heads for Cannes film market
Abrar Qazi shares how Rachi Sharma defines his style by picking right combinations
Farah Khan red flags mounting entourage cost of actors, says it burdens producers
Priyanka Chopra's Heartwarming Video with Daughter Malti's Toys!
Celesti Bairagey savours Punjabi cuisine, lassi while shooting for 'Amber Girls School'
Controversial Video: Suchi on Dhanush, Aishwarya, GV Prakash and More!
Salman Shaikh’s track in ‘Jhanak’ comes to an end, to essay antagonist in ‘Suhaagan’
Neha Kakkar describes 'Sonchadi' as an enduring love story 'woven into essence of nature'
'Aangan Aapno Kaa' cast members don multiple avatars, from NRI to pauper, for new track
Watch: Rashmika Mandanna Asked To Remove Her Mask, Here's Her Reaction!
Saif Ali Khan modifies Kareena’s tattoo that he sports on his forearm
For Ikka, working with Badshah, Diljit Dosanjh allows him to push boundaries
This is Why Ram Charan Moved Into In-Laws House!
Narendra Kumar ventures into women’s wear after two decades of outfitting men
3rd T20I: Rizwan, Babar, Shaheen Afridi excel as Pakistan beat Ireland, win series 2-1
IPL 2024: Porel, Stubbs fifties, Ishant’s 3-34 help DC survive Arshad scare to beat LSG by 19 runs (ld)
IPL 2024: Ishant Sharma takes 3-34 as DC survive Arshad scare to beat LSG by 19 runs
WADA to hold special Board meeting over contamination case involving swimmers from China
La Liga 2023-24: Focus on Sevilla in key survival battles in Spanish top-flight
IPL 2024: Fifties by Porel, Stubbs carry Delhi Capitals to 208/4 against LSG
'A chance for young players to have a breakout performance, says PBKS assistant coach Haddin ahead of RR clash
U20 men's football nationals: Demanding wins for Mizoram, Meghalaya
Emirates Stadium set to become home ground for Arsenal women’s team
Pakistan appoint David Reid as mental health coach for T20 World Cup
Women's cricket: India to host South Africa for multi-format series between June & July
IPL 2024: Arshad, Mohsin & Yudhvir come in as LSG elect to bowl first against Pant-led DC
T20 World Cup 2024 2nd semifinal to omit reserve day, India might face brunt: Report
‘It is indeed a very proud moment for me’: Manika Batra after achieving career-best ranking (Ld)
Cadiz CF face Sevilla in crucial La Liga relegation battle
Gary Kirsten to join Pakistan team in Leeds ahead of first T20I against England
Indian men's hockey team leaves for FIH Hockey Pro League 2023/24 matches in Europe
Italian Open: Bopanna-Ebden suffer second round exit
Elorda Cup 2024: India boxer Gaurav enters semis to confirm medal; Shiv Thapa crashes out
More News
Study finds AI chatbots feed our own bias back to us
Meta’s decision to take down documentary on child victims of sexual abuse in Pak overturned
Amazon pumps Rs 1,600 crore into its India arm as e-commerce battle intensifies
Talent growth, investments to help India's AI market reach $5.1 billion by 2027
SPACE India, American Center to launch astronomy & space science workshop series
Instagram is now 3rd most popular mobile app in South Korea
Geomagnetic storms to continue to hit Earth till Sunday night: NOAA
Solar storm hits SpaceX's Starlink satellites
This WhatsApp feature will restrict users from taking screenshots of profile pictures
Musk's X banned over 1.8 lakh accounts for policy violations in India in April
Entertainment
Rashmika Stuns in Travel + Leisure Cover Shoot in Western Australia
Ananya Panday posts 'forgotten photos' of her in bikini
Watch: Adorable Video of Nayanthara with Twin Sons
Rashmika Mandanna Excitedly Watches Fan's Pushpa Dance at Airport
Upasana celebrates her first Mother’s Day with daughter Klin Kaara
Suhana and Her Rumoured BF Agastya Nanda Spotted with SRK
more..