Facebook Discloses Hack Affecting 50 Million Accounts The attackers stole Facebook access tokens, which keep you logged in so you don't have to enter your password every time you visit. In total, around 90 million people will have to log back in the next time they try to access the platform.

By Angela Moscaritolo

This story originally appeared on PCMag

via PC Mag

Facebook on Friday disclosed a security breach affecting nearly 50 million accounts.

The social network discovered the breach on Tuesday and is still investigating the issue, Guy Rosen, VP of product management, wrote in the announcement.

The hackers exploited a vulnerability in Facebook's code impacting the "View As" feature, which lets you see what your profile looks like to the public or a specific individual. For now, Facebook is turning off the "View As" feature while it investigates the incident.

The attackers stole Facebook access tokens -- aka "digital keys that keep people logged in to Facebook so they don't need to re-enter their password every time they use the app," Rosen explained. With your access token, an attacker could take over your account and use it as if they were you.

The flaw that attackers exploited stemmed from a video-uploading feature change Facebook made in July 2017, but it did not elaborate.

Facebook has patched that bug, notified law enforcement about the breach, and reset the access tokens of all impacted accounts. As a precaution, Facebook is resetting the tokens for another 40 million accounts "that have been subject to a 'View As' look-up in the last year." The company said there's no evidence those other 40 million accounts have been compromised.

In total, around 90 million people will have to log back in the next time they try to access the platform. On a call with reporters Friday, Facebook executives said no actual passwords were taken, so a password reset is not necessary. No credit card information was affected, they added.

At this point, many questions remain: "Since we've only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed," Rosen wrote. "We also don't know who's behind these attacks or where they're based."

Angela Moscaritolo has been a PCMag reporter since January 2012. 

Editor's Pick

Related Topics

Business News

Costco Is Now Offering an Additional Exclusive Perk to Members in All 50 States

Members can now access discounted outpatient medical care through a partnership with healthcare startup Sesame.

Business News

8 People Hospitalized on JetBlue Flight Headed to Florida Due to Turbulence

The turbulent conditions occurred near Jamaica on a flight coming from Ecuador.

Business News

ChatGPT Will Soon Be Able to Speak, Listen and Have Instant Conversations

Open AI announced updates to the AI technology arriving in the next two weeks.

Business News

'I Am Blessed': Woman Finds $100,000 Forgotten Powerball Ticket While 'Going Through Papers'

The 75-year-old retiree from Virginia plans to deposit the money directly to her bank account.

Business News

These Are the Most (And Least) Happy States in the U.S. 2023, According to a New Report

Utah was found to be the happiest state in the country, while West Virginia was the least.

Business Ideas

55 Small Business Ideas to Start in 2023

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2023.