Have you found yourself logged out of your Facebook account? You won’t be the only one as Facebook logged 90 million users out of their accounts on Friday 28th September due to a cyber attack.
The social media giant announced that it had initiated the mass log-out as security measure. The cyber attack happened on Tuesday September 25th, where the ‘View
As’ feature was breached to gain access to users’ private information. Facebook don’t know who was behind the attack.
The company’s Product Management vice president Guy Rosen reacted to the attack in a blog;
“Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted ‘View As’, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts”
“Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”
Since the attack happened last week, it has been discovered that the hack might be worse than first thought. Facebook has now confirmed that the attack could of gone onto impact third-party apps using Facebook log-ins.
A statement released by Facebook on Saturday reveals that they have reset all the access tokens and the users would just have to login again to the third-party apps.
“Now that we have reset all of those access tokens as part of protecting the security of people’s accounts, developers who used Facebook login will be able to detect that those access tokens have been reset, identify those users, and as a user, you will simply have to login again into those third-party apps.”
The attack comes only a few months after Facebook conceded the data of 87 million people, shared by political consulting firm Cambridge Analytica. Facebook chief, Mark Zuckerberg, responded to the incident stating that security is one of his top priorities.