If the exit of senior executives of Facebook and the statements of others was not enough, this week Facebook has faced another problem. A hack has endangered almost 50 million user accounts. Facebook developers discovered the security breach on September 25 and according to an official statement, are already working to resolve it with affected users.
From Facebook, they inform that the researchers of the company are still not clear about how it happened, but they do know where the problem is centered. Taking advantage of a feature of the Facebook user profiles that allow “see how” to see how the profile would look for other users of the network, the attackers managed to access millions of accounts. This feature uses tokens that allow the user not to have to log in every time that enters the service, the tokens have been key for the attackers.
The company has made a series of changes to put an end to the security breach. First they have reset the tokens of users who know they have been affected, secondly, they have temporarily disabled the “see how” function for all users of the social network until they know exactly how the attack works.
What has been compromised
The CEO of Facebook, Mark Zuckerberg, has stressed that while they tried to access user information through the API, they can not assure that they have managed to obtain private information from users. Guy Rosen, vice president of Facebook, has indicated two interesting points: no passwords have been obtained, nor have bank accounts been obtained. In principle, it seems that the attackers have only been able to see the profile information as if it were with the “see how” function. That is to say, they have been able to see gender, photos, city of residence, place of studies … The typical information that appears in the user profiles.
Almost 50 million affected, another 40 million at risk
Apparently, this attack arises due to various changes in the code of the platform that has been made. The security breach is achieved with a set of three parts of the code. In July of 2017, they made a change in the code of the videos that allowed to communicate these three parts. The attackers used this change to make the breach. From there, accessing accounts could access other accounts.
Facebook indicates that not only have seen almost 50 million accounts have been violated, but there are another 40 million that could be in danger. As a preventive measure, they will reset the tokens of all these accounts. Affected users will have to log in again on all their devices and will receive a message telling them what the reason was. It remains to be resolved how exactly the attack was carried out and where it came from, as well as the information that could have been breached.
One of Facebook’s most important challenges has been convincing its users that it is responsible enough to handle the incredible amount of data that the company handles. Cambridge Analytica, the use of double-factor authentication for ads, the departure of Instagram co-founders or the harsh statements of the WhatsApp co-founder are not helping.
How Can I Came To Know Whether My FB Account Is Hacked Or Not
At first check your Facebook Account activity session for any login from unknown IP address. The activity session also shows every detail of your activity on Facebook. Cross verify all your activities done on Facebook. If in case if you found any malicious login attempt from unknown IP address or any activity that you have not done then your account is compromised.
There are other two things, you need to come across and that shows whether your account hacked or not. Firstly, the Facebook account is logged out without user permission and will ask “Please Login Again“. Secondly, it will ask you to reset your password. These two are caution things that confirm you whether attacked or not.
If you think that your facebook account has been hacked by someone, then contact to facebook hacked community and here the link to Facebook Hacked.