90 million Facebook users have to log on again due to hack

Facebook-Housing_Discrimination_92755-159532.jpg16756309

FILE – In this March 29, 2018, file photo the logo for Facebook appears on screens at the Nasdaq MarketSite, in New York’s Times Square. Federal regulators are alleging that Facebook’s advertising tools allow landlords and real estate brokers to engage in housing discrimination. The U.S. Department of Housing and Urban Development alleged in a […]

If Facebook asks you to log back into your account, it’s due to a hack that has affected 50 million accounts and possibly 40 million more.

A post in Facebook’s newsroom today outlines a hack discovered by Facebook engineers Tuesday that exploited code in the “View As” feature, which allows people to see what their own profiles look like to someone else.

“This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts,” Facebook Vice President of Product Management Guy Rosen wrote. “Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”

Rosen says the code has been rewritten to eliminate the security vulnerability.

The “View As” feature has also been temporarily disabled while Facebook investigates the hack and looks to identify who was responsible for the breach.

Facebook has also reset the “access tokens” for 90 million Facebook users, which simply means they have to log back in to Facebook or into any of their apps that use the Facebook login.

After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed,” Rosen writes. “People’s privacy and security is incredibly important, and we’re sorry this happened. It’s why we’ve taken immediate action to secure these accounts and let users know what happened. There’s no need for anyone to change their passwords.”

You can read the full Facebook statement here.

Copyright 2019 Nexstar Broadcasting, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Don't Miss