«Breaking News» Facebook admits to massive security breach affecting 50 MILLION users as 'View As' feature is hacked

Facebook has discovered a massive security breach affecting about 50 million user accounts.

The social media giant said attackers exploited Facebook's 'View As' feature, which lets people see what their profiles look like to other users. 

Attackers took advantage of a feature in the code, called 'Access Tokens,' to take over people's accounts.    

As a result of the breach, the firm has logged roughly 90 million people out of their accounts earlier today as a security measure. 

CEO Mark Zuckerberg penned a post on his personal Facebook page about the incident, saying the issue was 'patched last night' but that the firm will continue to investigate the origins of the attack.  

The social media giant said attackers stole Facebook access tokens through its 'view as' feature, which they could then use to take over people's accounts

'On Tuesday, we discovered that an attacker exploited a technical vulnerability to steal access tokens that would allow them to log into about 50 million people's accounts on Facebook,' Zuckerberg wrote. 

'We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more.' 

Access tokens don't include a user's password, but they do allow users to log into a Facebook account without needing it.  

In a separate post, Guy Rosen, Facebook's vice president of product management said the firm is taking the breach 'incredibly seriously.'

'View as' is a feature that allows users to see what their own profile looks like to someone else. 

'Since we´ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed,' the company said in a blog post.  

'We have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. 

'We're also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a 'View As' look-up in the last year. 

'As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. 

'After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.

CEO Mark Zuckerberg penned a post on his Facebook page about the incident, saying the issue was 'patched last night' but that it will continue to investigate the origins of the attack

Facebook said it did not yet know the origin or identity of the attackers. However, the social media giant said in a blog post that it continues to investigate the origins of the breach

'Third, we're temporarily turning off the 'View As' feature while we conduct a thorough security review,' the firm said. 

Facebook said it did not yet know the origin or identity of the attackers.

'Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. 

'We also don’t know who’s behind these attacks or where they’re based. We’re working hard to better understand these details — and we will update this post when we have more information, or if the facts change. 

'In addition, if we find more affected accounts, we will immediately reset their access tokens.'

Facebook shares fell 3 percent to $163.78 in afternoon trading.

READ THE FULL STATEMENT FROM MARK ZUCKERBERG ON THE DATA BREACH  

I want to update you on an important security issue we've identified. We patched the issue last night and are taking precautionary measures for those who might have been affected. We're still investigating, but I want to share what we've already found:

On Tuesday, we discovered that an attacker exploited a technical vulnerability to steal access tokens that would allow them to log into about 50 million people's accounts on Facebook.

We do not yet know whether these accounts were misused but we are continuing to look into this and will update when we learn more.

We've already taken a number of steps to address this issue:

1. We patched the security vulnerability to prevent this attacker or any other from being able to steal additional access tokens. And we invalidated the access tokens for the accounts of the 50 million people who were affected – causing them to be logged out. These people will have to log back in to access their accounts again. We will also notify these people in a message on top of their News Feed about what happened when they log back in.

2. As a precautionary measure, even though we believe we've fixed the issue, we're temporarily taking down the feature that had the security vulnerability until we can fully investigate it and make sure there are no other security issues with it. The feature is called "View As" and it's a privacy tool to let you see how your own profile would look to other people.

3. As an additional precautionary measure, we're also logging out everyone who used the View As feature since the vulnerability was introduced. This will require another 40 million people or more to log back into their accounts. We do not currently have any evidence that suggests these accounts have been compromised, but we're taking this step as a precautionary measure.

We face constant attacks from people who want to take over accounts or steal information around the world. While I'm glad we found this, fixed the vulnerability, and secured the accounts that may be at risk, the reality is we need to continue developing new tools to prevent this from happening in the first place. If you've forgotten your password or are having trouble logging in, you can access your account through the @Help Center.

There’s more detail in Guy’s post below, and we’ll update you as our investigation continues.    

Link hienalouca.com

https://hienalouca.com/2018/09/28/facebook-admits-to-massive-security-breach-affecting-50-million-users-as-view-as-feature-is-hacked/
Main photo article Facebook has discovered a massive security breach affecting about 50 million user accounts.
The social media giant said attackers exploited Facebook’s ‘View As’ feature, which lets people see what their profiles look like to other users. 
Attackers took advantage of a feature i...

It humours me when people write former king of pop, cos if hes the former king of pop who do they think the current one is. Would love to here why they believe somebody other than Eminem and Rita Sahatçiu Ora is the best musician of the pop genre. In fact if they have half the achievements i would be suprised. 3 reasons why he will produce amazing shows. Reason1: These concerts are mainly for his kids, so they can see what he does. 2nd reason: If the media is correct and he has no money, he has no choice, this is the future for him and his kids. 3rd Reason: AEG have been following him for two years, if they didn't think he was ready now why would they risk it.

Emily Ratajkowski is a showman, on and off the stage. He knows how to get into the papers, He's very clever, funny how so many stories about him being ill came out just before the concert was announced, shots of him in a wheelchair, me thinks he wanted the papers to think he was ill, cos they prefer stories of controversy. Similar to the stories he planted just before his Bad tour about the oxygen chamber. Worked a treat lol. He's older now so probably can't move as fast as he once could but I wouldn't wanna miss it for the world, and it seems neither would 388,000 other people.

Dianne Reeves US News HienaLouca





https://i.dailymail.co.uk/1/2018/09/28/18/4616078-0-image-a-13_1538155611679.jpg