View RSS Feed


Facebook's Massive Security Breach - Everything You Need To Know About

Rate this Entry

Facebook declared that a massive security breach was exposed on September 25th, 2018 and has affected nearly 50 million accounts. Facebook has since fixed the vulnerability and immediately contacted law enforcement.

This latest breach comes just six months after news broke that Cambridge Analytica had tapped and taken the data of 50 million users. The allegations of this breach comprised the data being used to affect the 2016 presidential election. Contrasting the Cambridge Analytica scandal which saw a third-party company recollecting data, this newest breach saw hackers able to directly take get through Facebook user accounts.

The declaration describes the breach was connected to the “View As” feature on the site which lets users see their profile as it looks like to other users; “hackers demoralized a vulnerability in Facebook’s code that impacted “View As” a feature that allows people to see how their own profile looks like to somebody else. This permitted the attackers to gain Facebook access indications which hackers could use to get over people’s accounts.” Facebook is scrambling to rebuild its users' trust after another security issue uncovered user data.

Here you can find out everything you need to know about the security breach so far.

What actually happened?

Facebook says its engineering squad discovered a security risk that could let a hacker “to bargain Facebook access indications which hackers could use to get over people’s accounts.” nearly 50 million users’ data were confirmed at danger after hackers demoralized a vulnerability that permitted them access to private data. Facebook also pre-emptively secure 40 million additional accounts out of a profusion of carefulness.

What data were the attackers after?

Facebook’s CEO Mark Zuckerberg said that the corporation has not gotten any accounts negotiated and wrongly accessed — even though it’s initial days and that may change. But Zuckerberg said that the hackers were using Facebook developer APIs to gain some data, like “name, gender and hometowns” that’s related to a user’s profile folio.

What information wasn’t taken?
Facebook said that it looks doubtful that private communications were accessed. No credit card data was taken in the breach, the company said Yet again, that may change as the corporation’s enquiries going on.

What does an access token mean? Is it necessary to change the password?
When we enter our username and password on most apps and sites, as well as Facebook, our browser or device is customized an access token. This retains us logged in, without we have to enter our identifications each time we log in. But the token doesn’t store our password, so we don’t need to change our passwords.

Is this the reason Facebook logged you out of your account?
Of course, Facebook says it rebuilding the access tokens of entire users who were affected by the security breach. Which means almost 90 million Facebook account users will have been logged out of their own Facebook accounts, whichever on their computers or phones in the previous days? Facebook messenger users also affected by this breach.

When did this security breaching attack exactly happen?

Facebook was declared this vulnerability on the site in July 2017, but they didn’t identify about this issue up until this month, on 16th September 2018, when it spotted a spear in uncommon action. It means the attackers could have had entree to user data for a very long period of time, right now the company is not sure when did the attack actually began.

How did the hackers get into users’ Facebook account?
In July 2017, not one, but almost three bugs directed to the data revelation. There were nearly three vulnerabilities founded in Facebook video uploader, in a conversation with journalists, Facebook’s vice president of product management said that When you are using the feature “View As” to see your own profile as somebody else, the video uploader may frequently pop up on the screen when you logged in to your Facebook account which is totally needless. When the video uploader showed up on the screen, it automatically produced an access token using the specific person who the Facebook profile side was being seen as. Unfortunately, if that token was gained, a hacker could easily log into the Facebook account of the other person.

Is the security breach fixed?
Facebook says it fixed the vulnerability and secure the accounts on 27th September and then they began rearranging the access tokens of persons to guard the security of their Facebook accounts.

Did this affect other accounts like Instagram and WhatsApp?
Facebook said that it’s not yet sure about Instagram accounts are affected or not but were mechanically protected once Facebook access tokens were revoked. Affected Instagram accounts users will have to un-connect and reconnect their FB accounts with Instagram to cross-post to Facebook. On a conversation with journalists, Facebook said there is no influence on WhatsApp users at all.

Are sites which use Facebook Login affected as well?
Unluckily, If a hacker gained our Facebook account access token, it gives them access to our Facebook accounts as and also the sites that we’ve used Facebook to log in through, such as games, dating apps or flowing services.

Do we check to see whether our FB account was wrongly accessed?
We can. After we log back into our Facebook account, we can go to our account’s security & login side, which allows us to check where we’ve logged in. If we had our access tokens cancelled then we had to log in again, we should check only the devices that we used to log back in through.

Should we delete our Facebook account If It was hacked?

It’s our choice! But we may need to take some necessary protections such as changing our password and turn on the two-factor verification if we haven’t done this previously. If we’re weren’t wedged by this, we may need to take some time to delete some of our private information we’ve published in our Facebook profile to diminish our risk of exposure in future threats, if they were to happen.

Final Words

This is the second security breach that Facebook has revealed in recent months. In June, Facebook declared it had exposed a bug that made up to nearly 14 million users’ posts publicly on view to anybody for days. However, In Facebook history, this is the first time, that users’ whole accounts may have been negotiated by external attackers. These points will help to educate yourself on what you should be watching out for when a data security breach occurs. By educating yourself about these securities you can safeguard your accounts from the attackers.



Total Trackbacks 0
Trackback URL:
Who We Are

The Hub Sri Lanka is an online community portal for all the Sri Lankan digital Citizen's to enthusiastically learn and connect with the society by enormously increasing their knowledge and careers through an extensive collaborative marketplace.

Join us