Recently Facebook announced that there was a security breach on its platform in September 2018 and that 30 million people affected were affected.
According to Facebook, attackers had exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. . Tokens can be used, like a digital key, to request certain information through our platform.
After finding out about the vulnerability, Facebook says it fixed it and informed law enforcement.
Secondly, the social media giant reset the access tokens of the almost 50 million accounts they know were affected to protect their security. They also took the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a “View As” look-up in the last year. As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.
This attack did not include Messenger, Messenger Kids, Instagram, WhatsApp, Oculus, Workplace, Pages, payments, third-party apps, or advertising or developer accounts.
Want to find out if you were affected?
To find out if your account was affected by the hack, go to Help Center and log into your Facebook account.
- Once you’re in the Help Center, you’ll want to scroll down. Toward the bottom of the page, there is a section titled “Is my Facebook account impacted by this security issue.”
- If it wasn’t, you would get a notice like this; “Based on what we’ve learned so far, your Facebook account has not been impacted by this security incident. If we find more Facebook accounts were impacted, we will reset their access tokens and notify those accounts.”
- If it was, Facebook will tell you what kinds of information hackers had access to as part of the hack. The types of access are broken down into three categories.
- The first is that hackers stole name and contact information. This impacted 15 million people of the 30 million impacted account.
- The second category is more serious, affecting 14 million Facebook users. In addition to names and contact information, Facebook revealed that hackers may have had access to “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches.”
- Finally, Facebook found that hackers did not obtain any information in the third category of 1 million users.
So please check now if you were affected.
