Massive Facebook Hack Affects 50 Million User Accounts

facebook 50 million data breach

Facebook has suffered a massive security breach that resulted in 50 million accounts being compromised. Hackers took advantages of bugs in Facebook’s “View As” feature and the platform’s video uploader to gain access tokens to other accounts. The company’s engineering team became aware of the breach on Tuesday, September 25. Facebook has since stated they have fixed the vulnerabilities and reset the access tokens for the 50 million users affected and an additional 40 million who might have also been affected.

According to Facebook, hackers exploited three bugs in the platform to gain access to other accounts. By using these three vulnerabilities in tandem, the bad actors were able to extract access tokens from the pages’ HTML code. Access tokens work as digital keys that allow users to stay signed in without having to go through the login procedure multiple times. 

The three bugs were located in the “View As” feature and Facebook’s video uploader. “View As” is a feature that allows a user to see how their profile looks to another user. The first bug allowed a user to post videos through “View As” which is a view-only interface and does not allow you to post. The second bug involved Facebook’s video uploader which erroneously created an access token. Lastly, the third bug would generate an access token for the user looked up when the video uploader appears as part of View As.

The breach granted access to user profiles and their personal information. This included personal bio information and access to private messages. The hack can also affect other platforms that use Facebook’s login feature. This includes third-party apps such as Instagram, Tinder, Spotify and any other service where Facebook was used for registration. This puts into perspective how damaging the breach really is. In essence, it is not just 50 million Facebook accounts that were hacked, but also any services linked to Facebook Login.

Follow Reactionary Times on WordPress.com

Trackbacks

  1. […] as the social media company brings to light new details regarding the breach. Earlier this month, Facebook suffered a data breach due to a bug in its “View As” feature which was used to access user accounts. Initially, the […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: