SAN FRANCISCO – Facebook announced Friday that up to 50 million accountswere breached in a security flaw exploited by hackers.
The large social network said it learned this week of the attack thatallowed hackers to steal “access tokens,” the equivalent of digital keysthat enable them to access their accounts.
“It´s clear that attackers exploited a vulnerability in Facebook´s code,”vice president of product management Guy Rosen said in a blog post.
“We´ve fixed the vulnerability and informed law enforcement.”
Facebook chief executive Mark Zuckerberg said engineers discovered thebreach on Tuesday, and patched it on Thursday night.
“We don´t know if any accounts were actually misused,” Zuckerberg said.”This is a serious issue.”
As a precaution, Facebook is temporarily taking down the “view as” feature– described as a privacy tool to let user see how their own profiles wouldlook to other people.
“We face constant attacks from people who want to take over accounts orsteal information around the world,” Zuckerberg said on his Facebook page.
Read Top Stories
“While I´m glad we found this, fixed the vulnerability, and secured theaccounts that may be at risk, the reality is we need to continue developingnew tools to prevent this from happening in the first place.”
Facebook said it took an additional “precautionary step” of resettingaccess tokens for another 40 million accounts where the vulnerable featurewas used. This will require those users to log back in to Facebook.
“We´re taking this incredibly seriously and wanted to let everyone knowwhat´s happened and the immediate action we´ve taken to protect people´ssecurity,” Rosen said.
“People´s privacy and security is incredibly important , and we´re sorrythis happened.”
The breach is the latest privacy embarrassment for Facebook, wich earlierthis year acknowledged that tens of millions of users had personal datahijacked by a political firm working for Donald Trump in 2016. – APP/AFP
